Quality, continuity & cloud security 

                ISO-certified and earning your confidence daily

                ISO-certified because your business depends on us

Your business demands the highest quality and availability from your digital infrastructure. Count on us to make sure that happens for you. To prove our continuous commitment to your success, our robust Integrated Management System combines a Quality Management System, a Business Continuity Management System, and an Information Security Management System.

                    Quality Management System

Our ISO 9001-certified Quality Management System (QMS) is foundational for assuring high customer satisfaction, delivering the best-quality services and software as well as making continuous improvements. As part of our QMS, our system for Product Development, Professional Services and Global Support describes the processes, roles and rules that guide the daily work of every employee and how critical assets are secured. This framework:

  • Assures compliance with laws and regulations on quality, safety and performance
  • Safeguards our ability to support our customers
  • Clearly defines transparent processes
  • Enables a continuous stream of innovation in an agile development environment
  • Builds in feedback to assure we supply quality software that creates a competitive advantage for our customers

The QMS is foundation of our Integrated Management System (IMS). See certificates:

                    Business Continuity Management System

Our ISO 22301-certified Business Continuity Management System incorporates an extraordinary degree of digitalization with best-practice governance processes, incident response teams and co-location of critical infrastructure and applications. This assures critical systems are available for our customers so they can meet their compliance requirements. Customers are guaranteed to get the services they need, quickly and effectively, even in a crisis situation. We continually align our Business Continuity Management System to changing requirements, review it regularly and improve continuously its efficiency. See certificates:

                    Occupational, Health and Safety (OH&S) Management System

ISO 45001 is an international standard that specifies requirements for an occupational health and safety (OH&S) management system. It provides a framework for organizations to manage risks and improve OH&S performance. Implementing ISO 45001 provides significant value to organizations looking to reduce workplace incidents and demonstrate OH&S commitment.

Benefits include:

  • ISO 45001 provides an internationally-recognized framework for managing occupational health and safety risks. It enables organizations to systematically assess hazards and implement risk control measures, leading to reduced workplace injuries, illnesses and incidents.
  • Adopting the standard shows employees and external stakeholders that the organization is committed to worker health, safety and wellbeing. This boosts reputation, morale and retention.
  • The standard requires complying with OH&S regulations, ensuring legal conformity. It also promotes proactive risk management, potentially lowering insurance premiums.
  • By requiring emergency preparedness and response protocols, ISO 45001 strengthens organizational resilience against safety threats and crises.
  • The framework of plan, do, check act means the OH&S system can continually improve and evolve, enhancing long-term worker health and safety performance.

In summary, ISO 45001 enables organizations to better protect their workers and manage OH&S risks, making it an essential standard worldwide. SOFTWARE AG INTERNATIONAL FZ LLC has been certified for compliance with ISO 45001:2018 since 2022.

                     Environmental Management System

ISO 14001 is an internationally agreed standard that sets out the requirements for an environmental management system. It helps organizations improve their environmental performance through more efficient use of resources and reduction of waste, gaining a competitive advantage and the trust of stakeholders.

  • There are many reasons why an organization should take a strategic approach to improving its environmental performance and its benefits are
  • Demonstrate compliance with current and future statutory and regulatory requirements.
  • Increase leadership involvement and engagement of employees.
  • Improve company reputation and the confidence of stakeholders through strategic communication
  • Achieve strategic business aims by incorporating environmental issues into business management
  • Provide a competitive and financial advantage through improved efficiencies and reduced costs
  • Encourage better environmental performance of suppliers by integrating them into the organization’s business systems

In summary, ISO 14001 enables Software AG to provide assurance to our customers that our products are environmental friendly and sustainable. SOFTWARE AG INTERNATIONAL FZ LLC has been certified for compliance with ISO 14001:2015 since 2022.

                Information Security

Our Information Security Management Program (ISMP) defines our security framework to define and govern the extensive security measures we have in place. It is based on industry-leading best practices and internationally recognized standards.

                    Cloud Information Security Management System

The ISO/IEC 27000 standards series is a widely recognized set of international security standard that specifies security management best practices and comprehensive security controls. The foundation of this certification is the development and implementation of a Cloud Information Security Management System (ISMS).

The Software AG Cloud ISMS defines our approach to managing security for cloud services in a holistic, comprehensive manner and provides a suite of information security measures to:

  • Protect cloud information assets from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction
  • Proactively identify security risks, prevent, detect and respond to security breaches and violations
  • Comply with legal, regulatory and contractual requirements
  • Adopt an overarching management process to ensure information security controls meet information security needs on an ongoing basis

The independent third-party auditors assessment, which validates compliance with the ISO/IEC 27001 standard, provides evidence that the Software AG Cloud ISMS is comprehensive and in accordance with industry-leading best practices.

Software AG has certification for compliance with ISO/IEC 27001:2013, ISO/IEC 27017:2015, and ISO/IEC 27018:2019. The standard cloud services in scope are listed in the certification scope statement. See certificates:

                    Service Organization Controls (SOC)

SOC reports are independent third-party examination reports that demonstrate how Software AG achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand Software AG controls established to support operations and compliance.


The ENX Association supports with TISAX (Trusted Information Security Assessment Exchange) on behalf of VDA the common acceptance of Information Security Assessments in the automotive industry. The TISAX Assessments are conducted by audit providers that demonstrate their qualification at regular intervals. TISAX and TISAX results are not intended for general public.

Software AG follows the question catalogue of information security of the German Association of the Automotive Industry (VDA ISA Version 5). The result is exclusively retrievable over the ENX portal https://portal.enx.com/en-US/TISAX/tisaxassessmentresults for already registered TISAX participants with the following information:

Scope-ID: S12L3Y

Assessment-ID: A13YLL-1

                    See, decide & act with Software AG

Find out what you can do with Software AG’s platform