We place great value on protecting the information entrusted to us. This is why we introduced an information security management system (ISMS) that was certified in 2019 in accordance with ISO 27001 based on the Federal Office for Information Security’s “IT-Grundschutz” guidelines. The ISMS is audited by external auditors every year.
The aim of the ISMS is to ensure the three basic principles of information security, i.e. confidentiality, availability, and integrity. It defines security measures that protect our business processes, IT systems, and information from potential dangers such as intentional attacks on our IT structures, negligent actions, or technology failures. In addition to technical aspects, the ISMS also considers aspects related to organization, personnel, and structure/infrastructure. At the heart of the information security process is a continual improvement process that evaluates the performance of information security by means of revisions, leading to constant improvement.
A decisive factor in the success of the ISMS is the correct handling of the information to be protected, which is why we regularly train our employees on all topics relating to information security and implement sensitization measures.