iso 9001 certification adorsys

Blog 6 mins reading time

Starting the new year right off: We are ISO 9001 certified!

We are thrilled to be awarded the ISO 9001:2015 certification, an internationally recognized standard that ensures that
our products and services meet the needs of our clients through implementing and continuously improving an effective
quality management system.

Throughout the accreditation process we’ve developed a robust quality management system which has enabled us to improve our overall performance and maintain a high level of quality in everything we do.

But let’s wind it back to how it all started!

Why were we keen to get the certification?

We pride ourselves on more than 15 years of experience in planning and executing high-end software projects together with our customers and partners.

From our early startup phase in 2006, we’ve steadily grown to a company with roughly 130 highly skilled staff as of today and are eager to continue this course.

Quality must be at the heart of everything we do, and we continuously challenge ourselves to improve our services to exceed our customer’s expectations. With technologies constantly evolving, staff moving or joining, working in cooperations with partners, one aspect however remains:  We need reliable, reproducible quality and delivery!

As a matter of fact, at adorsys we have defined and robust procedures in place in all our business areas. Our toolbox of best practices for IT work has been documented, can be passed on and successfully reapplied again and again to all sorts of IT projects.

That’s why we started an internal project in 2022 to manifest our quality promise with an ISO 9001 audit and certified Quality Management System (QMS), to be shared to the public.

Kickoff and standard requirements for ISO 9001

Initially, and without requiring too much effort for any established company, the context and governance of a QMS must be discussed, analyzed and documented in a transparent and digestible format for all employees.

Among other things, this has to include the market and service offering, an analysis of all stakeholders with their respective expectations as well as any technological and economic constraints resulting out of this context.

Derived from this, a series of commitments and guidelines is created by the company’s management regarding the objectives, opportunities, risks, and the planning and resource allocation of the anticipated QMS.

That part is generally cited as the ‘Quality Policy’ of a company.

This is usually followed by a gap analysis of the current organization and its processes against the requirements of the standard, which are generic in type but can be clearly interpreted in the respective context:

  • Structure, responsibilities, and processes must be documented in depth and comprehensibly applied
  • Required competencies, know-how and communication strategies must be defined, instructed, and maintained in a
    well-structured manner
  • Both internal staff as well as external partners must be managed, and continuously supervised across projects
  • Project managers must identify and communicate deviations as early as possible and develop and implement
    suitable countermeasures.

In addition to the monitoring and quality assurance of each individual project, the overarching QMS must also be regularly evaluated and constantly further evolved via project experience and customer feedback.

How did we implement it all at adorsys?

Since adorsys already had a COBIT (Control Objectives for Information Technology) governance and compliance system in place, many of the standard requirements were by that time fully or partially covered.

To implement the missing elements, we didn’t want to create unnecessary or complicated overhead which would impede our daily agile work procedures.

So how did we do it?

At the beginning, we enlisted an experienced external consultant to carry out a gap analysis of our initial situation.

Primarily, we then detailed our end-to-end core process, the ‘Customer Engagement Lifecycle’. This hardened our processes and methodologies related to requirements analysis for proposal and contract, project setup, execution and monitoring, customer handover, closing and feedback, maintenance, and support.

We also had to implement new standard requirements specific to HR and IT administration, such as onboarding requirements for new employees, assessment documentation and professional development, as well as IT infrastructure and access management to customer environments and project artifacts.

On top of that, individual project managers now select, manage and evaluate our partners and suppliers as per pre-defined guidelines.

After approximately six months of implementation work, we completed an internal audit and made final adjustments to ensure our certification readiness.

In October 2022, we were successfully audited by TÜV Hessen and happily received our first certification in December 2022.

How is our work different with an ISO 9001 Quality Management System?

The ISO 9001 certification demonstrates that we have robust, clearly defined procedures in place in all our business areas and that we operate with quality and transparency in mind.

We are committed to improving our customers’ experience and witness great advantages for our organization as well as our customers:

  • Increased efficiency and productivity
  • Continuous improvement of our services
  • Issues are identified and resolved quicker
  • International recognition
  • Inspired employee morale and increased job satisfaction.
  • Improved record keeping
  • Better supplier management
  • Customer assurance for consistent, reliable, and fit for purpose solutions

Our Delivery Leads and overarching Project Management Office must now follow clear guidelines. E.g. key roles must be assigned and documented, and we require regular status reports and project reviews by those staff. The project documentation, project closure and lessons-learned are now standardized.

Our employees are repeatedly made aware of the goals and contents of our QMS during their onboarding process and through know-how sessions or via our awareness portal.

Even though the certification is valid for three years, we have to engage in at least yearly internal audits to ensure a continuous improvement process is in place and the QMS is followed as planned.

There is also an annual external monitoring audit by TÜV Hessen, which helps us to maintain the system and identify any problems that may arise at an early stage.

In summary, even if we are constantly reminded of new templates or tasks as part of our internal control system, our daily work and collaboration with customers and partners still feels agile, lightweight and enjoyable!

Interested in more details about our ISO 9001 Quality Management System?

thilo Rottach adorsys

Thilo Rottach, Managing Director is happy to talk to you about our work. Feel free to contact him at