// Information Security
What happens at GOD, stays at GOD.
The increasing digitization and networking of the world is essential for us as an IT service provider.
Responsibility
Classification of information
Security goals of GOD
Ensure confidentiality, integrity and availability of data from GOD and our business partners
Make service processes transparent and strenghten them through an established security organization
Recognise information security risks and limit them to an acceptable level
Prevent reputational or financial damage from loss of data or information
Prove the security of the organization to customers, legislators, partners, insurance companies and suppliers
Our principles
GOD conducts regular training courses for employees on data protection and IT security issues
GOD protects the confidentiality and integrity of customer data. It proves this in a form that makes it easy for potential customers to assure themselves of the appropriateness of the measures taken and to use GOD as a service provider
GOD uses an authorization concept according to which employees only receive the authorisations they need for their work
Data and information are classified and processed using procedures that are appropriate to their classification
GOD operates a risk management system with the aim of identifying risks to the integrity, security or confidentiality of data and information and limiting them to an acceptable level
Changes to systems and applications are subject to a defined improvement management process that takes into account aspects of data protection and information security
Regular internal audits ensure that the data protection and information security requirements are implemented and adhered to by employees, and that weak points are identified and opportunities for improvement are used