Information security

ISO 27001 - certified by TÜV Süd since 2019

In our highly sensitive business area, maximum reliability, confidentiality and integrity are essential when handling sensitive data. We have therefore implemented a company-wide information security management system, which has been certified by TÜV Süd in accordance with ISO 27001.

Among other things, we ensure that all technical and organizational measures are always implemented to meet the requirements of the Federal Data Protection Act.

Iso 27001 2017 Zertifikat En Gueltig Bis 04.07.2025

We fulfill all requirements for information security and data protection

Confidentiality and information

All sensitive information is only accessible to those persons who are authorized to use this data.

Integrity of information

All relevant information is reliably protected against unauthorized or unintentional processing, modification or deletion.

Availability of information

Information is only available to authorized persons to the extent required – at the right place and at the agreed time.

Monitoring and optimization

We regularly review the effectiveness and efficiency of the ISMS in internal audits, thereby ensuring a continuous optimization process.

Information security management results

Improved employee safety

Die Beschäftigten sind sich ihrer Verantwortlichkeit bewusst und kennen die besonderen Anforderungen hinsichtlich Informationssicherheit. Das Vorgehen bei ungeplanten Vorfällen ist eindeutig vorgegeben.

Optimal management of assets and information

Employees are aware of their responsibilities and know the special requirements regarding information security. The procedure for dealing with unplanned incidents is clearly defined.

Access controls for sensitive data and systems

A control system ensures that only authorized persons have access to relevant data, networks and facilities.Access is strictly monitored and access rights are checked regularly.

Physical and environmental safety

All security-relevant values are located in monitored security zones. Hardware is monitored, protected and regularly maintained. The procedure in the event of faults is defined in detail.

Secure information transfer

The security of transmitted information – both within the company and with customers and external parties – is guaranteed at all times. This is regulated in the supplier contracts, among other things.

Optimized compliance

Violations of legal, regulatory, self-imposed or contractual obligations relating to information security as well as violations of security requirements are reliably avoided.

Your contact person

Jörg Zahoransky

IT Security Manager