In our highly sensitive business area, maximum reliability, confidentiality and integrity are essential when handling sensitive data. We have therefore implemented a company-wide information security management system, which has been certified by TÜV Süd in accordance with ISO 27001.
Among other things, we ensure that all technical and organizational measures are always implemented to meet the requirements of the Federal Data Protection Act.
We fulfill all requirements for information security and data protection
Confidentiality and information
All sensitive information is only accessible to those persons who are authorized to use this data.
Integrity of information
All relevant information is reliably protected against unauthorized or unintentional processing, modification or deletion.
Availability of information
Information is only available to authorized persons to the extent required – at the right place and at the agreed time.
Monitoring and optimization
We regularly review the effectiveness and efficiency of the ISMS in internal audits, thereby ensuring a continuous optimization process.
Information security management results
Improved employee safety
Die Beschäftigten sind sich ihrer Verantwortlichkeit bewusst und kennen die besonderen Anforderungen hinsichtlich Informationssicherheit. Das Vorgehen bei ungeplanten Vorfällen ist eindeutig vorgegeben.
Optimal management of assets and information
Employees are aware of their responsibilities and know the special requirements regarding information security. The procedure for dealing with unplanned incidents is clearly defined.
Access controls for sensitive data and systems
A control system ensures that only authorized persons have access to relevant data, networks and facilities.Access is strictly monitored and access rights are checked regularly.
Physical and environmental safety
All security-relevant values are located in monitored security zones. Hardware is monitored, protected and regularly maintained. The procedure in the event of faults is defined in detail.
Secure information transfer
The security of transmitted information – both within the company and with customers and external parties – is guaranteed at all times. This is regulated in the supplier contracts, among other things.
Optimized compliance
Violations of legal, regulatory, self-imposed or contractual obligations relating to information security as well as violations of security requirements are reliably avoided.