In our highly sensitive business field, a high level of reliability, confidentiality, and integrity in handling sensitive data is essential. Therefore, we have implemented a cross-company Information Security Management System (ISMS) that has been certified by TÜV Süd according to ISO 27001.
This ensures, among other things, that all technical and organizational measures are always implemented to comply with the requirements of the Federal Data Protection Act.
We comply with all information security and data protection requirements
Confidentiality and information
All sensitive information is exclusively accessible to those individuals who are authorized to use this data.
Integrity of information
All relevant information is reliably protected against unauthorized or unintentional processing, alteration, or deletion.
Availability of information
Information is only available to authorized individuals to the necessary extent – at the right place and at the agreed-upon time.
Control and optimization
In internal audits, we regularly assess the effectiveness and efficiency of the ISMS, thereby ensuring a continuous optimization process.
Results of information security management
Enhanced personnel security
Employees are aware of their responsibility and understand the specific requirements regarding information security. The procedures for unplanned incidents are clearly defined.
Optimal management of assets and information
All assets and stored information of the organization are identified, inventoried, and classified. Their handling (e.g., securing, deletion) is clearly defined and appropriate.
Access controls for sensitive data and systems
A control system ensures that only authorized individuals have access to relevant data, networks, and facilities. Access points are closely monitored, and access rights are regularly reviewed.
Physical and environmental security
All security-relevant assets are located in monitored security zones. Hardware is monitored, protected, and regularly maintained. Procedures for disruptions are detailed and well-documented.
Secure information transmission
The security of transmitted information – both within the company and with customers and external entities – is always ensured. This is regulated, among other things, in the supplier contracts.
Optimized compliance
Violations of legal, regulatory, self-imposed, or contractual obligations related to information security, as well as breaches of security requirements, are reliably avoided.
Your point of contact
Jörg Zahoransky
IT-management