Description of Image Learn More
path-7-path Created with Sketch. path-7-path Created with Sketch.
// Information Security

What happens at GOD,
stays at GOD.

The increasing digitization and networking of the world is essential for us as an IT service provider.
The increasing digitization and networking of the world is essential for us as an IT service provider. But unfortunately it also brings risks with it. Cyber attacks have become a serious threat that requires special attention. This not only endangers our digital data but also our everyday life. For this reason, we at GOD have established appropriate procedures, processes and mechanisms to protect our data and information as well as that of our customers, employees, and suppliers to the greatest extent possible.

We have formulated our information security strategy in our information security policy.
Responsibility
The management of GOD considers information security to be an indispensable quality feature of our service processes. Compliance with the necessary internal information security guidelines is one of the fundamental principles of the company philosophy. All employees of the company must understand the indispensable necessity in order to carry out the daily tasks in this sense.

The management supports and promotes the necessary structures and processes. The board nominated persons responsible for implementation of this information security policy in procedural instructions, work instructions and documentation, and anchoring it in day-to-day business.

The management provides the necessary resources in the form of employee capacity and money and undertakes to regularly review and continuously improve the appropriateness and effectiveness of the information security management system.

Janine Brauer was appointed as head of the Integrated Management System and Information Security Officer to deal with the issues of information security, certifications and TISAX.
Classification of information
GOD uses classification levels. These are specified in the “Classification of Information” work instruction.
Security goals of GOD

Ensure confidentiality, integrity and availability of data from GOD and our business partners

Make service processes transparent and strenghten them through an established security organization

Recognise information security risks and limit them to an acceptable level

Prevent reputational or financial damage from loss of data or information

Prove the security of the organization to customers, legislators, partners, insurance companies and suppliers

Our principles

GOD conducts regular training courses for employees on data protection and IT security issues

GOD protects the confidentiality and integrity of customer data. It proves this in a form that makes it easy for potential customers to assure themselves of the appropriateness of the measures taken and to use GOD as a service provider

GOD uses an authorization concept according to which employees only receive the authorisations they need for their work

Data and information are classified and processed using procedures that are appropriate to their classification

GOD operates a risk management system with the aim of identifying risks to the integrity, security or confidentiality of data and information and limiting them to an acceptable level

Changes to systems and applications are subject to a defined improvement management process that takes into account aspects of data protection and information security

Regular internal audits ensure that the data protection and information security requirements are implemented and adhered to by employees, and that weak points are identified and opportunities for improvement are used

Contact

Janine Brauer

ims@god.de

+49 (0) 531 23767-420