Corporate Report 2024

Chapter 1

Sustainable corporate governance

Since its foundation in 1983, SQS has been contributing to a more sustainable economy.

Chapter 2

Business model and business performance

SQS positions itself as a premium provider of conformity assessments.

Chapter 3

Social affairs

The business of assessments and certifications is a «People’s business».

Chapter 4

Environment

Sustainable corporate governance also means ecological responsibility.

Creative destruction, or: digitalisation breaks and needs conformity

The economy is reacting ambivalently to the ground-breaking dynamics of digitalisation. The stock market is celebrating tech companies, and there will soon be as many Chief Information Technology Officers as CEOs. At the same time, companies are demanding order and orientation. This is evidenced by the demand for conformity assessments in the field of information security. For SQS, it is the stuff of a success story.

Creative destruction. This is what the great economist and sociologist Joseph Alois Schumpeter called the capitalist dynamic that has been transforming our society since the 19th century. Old things disappear, new things emerge. Digitalisation further fuels this dynamic. The consequences of artificial intelligence, which became a globally available application product in 2024, are already visible and yet unforeseeable.

Digitalisation is ambivalent for companies and society as a whole. It harbours opportunities and risks, creates winners and losers. It overrides rules or makes them obsolete, and at the same time requires new rules. Even innovative companies, the agents of change par excellence, need order and orientation. This is demonstrated by SQS's experience and development in the field of information security in recent years.

The approach of the ISO Management System Standards

The International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC) published the Management System Standard 27001 in 2005. In a broad-based and transparent process, they defined technical and organisational requirements for information and cybersecurity as well as data protection. In doing so, they remained true to the management system standards' approach of not setting an absolute, static target. To stay in the picture: The destruction and creation in the course of digitalisation should neither be slowed down nor directed towards a specific end point. Instead, organisations were provided with principles and guidelines to help them shape and manage digitalisation in the most structured and responsible way possible.

Competent and practical conformity assessment was required for the standard to be effective. This is the only way for organisations to have the incentive and independent external perspective to continuously improve themselves - as required by the standard. Only then can they credibly demonstrate to third parties that their management system fulfils the requirements. This is the only way to create the necessary trust in the market.

SQS had already certified to the British standard BS 7799, published in 1999, which served as a template for ISO/IEC 27001:2005. The new international standard was introduced in 2006. Since then, SQS has expanded its portfolio in the field of information and communication technology (ICT) to twelve products and has become a leading certification body for corresponding management systems in Switzerland. According to Gerlinde Frera, who is responsible for the ICT sector at SQS, demand has increased significantly over the last five years. «Between 2020 and 2024, we almost doubled our turnover». The number of new orders has even increased tenfold during this period.

The light and dark sides of a dynamic market

To meet this demand, SQS increased its team in Switzerland and Italy, its second main market, from 15 auditors in 2020 to 32 in 2024. According to Frera, this expansion of the offering also enabled a qualitative improvement: «We now have more technological and branch-specific expertise, which is why we can comprehensively audit customers in all branches». She expects the strong growth to continue.

However, this dynamic also has its downsides. The swelling demand is attracting providers who are not authorised by the Swiss Accreditation Service (SAS). This is because ISO certificates can be issued by any person or organisation. «The SAS checks year after year whether we fulfil the high requirements of ISO and the international accreditation system for conformity assessment,» says SQS CEO Felix Müller. «In contrast, non-accredited bodies cannot guarantee that they have the skills, processes and independence required for high-quality and recognised certification.» This is doubly damaging: On the one hand, the certified companies cannot be sure that their management system is compliant. On the other hand, the credibility of certificates and therefore trust in the market would be undermined.

SQS is therefore taking consistent action against unfair competitors - in order to continue its success story and that of the ISO standards. The latest chapter in this story has only just begun: In 2024, SQS added ISO/IEC 42001:2023 to its ICT portfolio, the standard for management systems for artificial intelligence that had been published the year before. So that we can seize the opportunities and reduce the risks associated with the process of creative destruction. (Alex Gertschen)

Editorial

«Born to be wild!» This was the name of the global hit by the North American rock band Steppenwolf in the late 1960s. It was a time when, for many people, rules felt like shackles that needed to be broken in order to allow more freedom and creativity.

«Born to be down-to-earth!» This could be the soundtrack to SQS's success. Of course, we also sometimes perceive rules as a constraint! And they can never be an end in themselves in a free society. But at the same time, we recognise the benefits of norms and standards. They promote quality and safety, they create reliability and trust. In the cockpit, operating room or lift, such characteristics are more important than freedom and creativity.

For 41 years, we have been checking whether management systems, processes and services comply with particular norms and standards. That’s our mission as a not-for-profit organisation. That is our trade. Norms and standards are often developed at «high altitude». We check whether and how they are applied in the real world. This requires a down-to-earth approach.

And it seems that in a world that is increasingly dynamic, volatile and sometimes confusing, this is precisely what is needed: independent, competent, practical conformity assessment that provides certainty and orientation. The successful example of information security that we present in the adjacent article is proof of this. And our business performance over the past year testifies to this.

We sold services worth CHF 50.7 million in 2024, exceeding the previous year's sales by 5.5 per cent. We won 452 new mandates net, driven by several standards - in particular those relating to quality, environmental and information security management as well as occupational health and safety. What we offer is in demand.

Our commitment, expertise and seriousness are also reflected in other indicators. In 2024, we were able to further reduce the number of deviations identified by the accreditation and other approval bodies at a low level. And there was not a single appeal against our certification decisions. This success was only possible as a joint effort, which is why we would like to congratulate and thank all our employees.

Despite our down-to-earth approach: We are daring to take bigger leaps! That is why we have designed an organisation for the future in 2024 and taken initial measures to make this vision a reality. Among other things, we provide information on this in the 2024 Corporate Report, under the heading «1.3 Strategic events and developments».

«Born to be down-to-earth»! In a pretty wild world, this is a hit song for us.