The goal of information security is to ensure business operations and minimise the risk of harm by preventing security incidents and reducing their potential impact. The goal is also to protect all personal information against all internal, external, intentional or accidental threats. For this reason, an Information Security Management System (ISMS) has been established and is regularly reviewed for effectiveness and adequacy.
Through this information security policy, the management assumes overall responsibility.
The successful planning, implementation and support of IT infrastructures and complex projects for customers implies fast, secure and up-to-date access to information on which the success of our company depends. Misuse of this information not only damages our image and reputation, but can also result in legal consequences and claims for damages. Accordingly, this misuse must be prevented.
Functioning information technology and security-conscious handling of it are essential prerequisites for our daily work processes and the trust of our customers and business partners.
Our goal is to achieve the highest possible level of information security and to minimise remaining risks.
To achieve this goal, we aim to ensure that the following information security aspects are achieved:
To achieve the security objectives, an information security officer (ISB for short) and an ISMS team are appointed. The ISB and the ISMS team are responsible for creating and updating the security concept and for maintaining the security level. In their function, they report directly to the management.
The ISMS team is provided with sufficient financial and time resources by the management to carry out its activities. The ISMS team shall be adequately supported by the management as well as by the employees and shall be involved in all projects at an early stage in order to take security-relevant aspects into account already in the planning phase. The same applies if personal data is involved. Employees must comply with the instructions of the ISMS team on security-relevant issues. The data protection officer (DPO for short) is part of the ISMS team and is responsible for information security together with the ISB.
The ISMS team is responsible for
Don’t hesitate to contact us if you have any questions.