In an environment in which information constitutes one of the most valuable assets and digital threats continue to increase, it is imperative that we assume responsibility - for our data, for our clients, and for our company.
As a management consulting firm operating in the financial sector, we handle highly sensitive information. Our clients place their trust in us; this trust is among our most valuable assets and must be protected accordingly.
For this reason, we make targeted investments in our Information Security Management System (ISMS) and consistently raise awareness among all employees regarding the responsible handling of information. We consider it our obligation to firmly embed information security within our corporate culture.
Information security constitutes a fundamental prerequisite for sustainable business success, and we take the associated responsibility with the utmost seriousness.
As Management, our declared objective is to ensure information security within our organisation at the highest level. With this guideline, we address all employees as well as our clients and partners.
We protect the confidentiality, integrity, and availability of all information entrusted to us—both from clients and from employees. Information security is a core component of our corporate strategy and a prerequisite for sustainable success and trust.
Confidentiality: Your data and information are viewed and processed only by authorized persons.
Integrity: We ensure that data remain accurate and unaltered.
Availability: Our systems and information are reliably available to you and to us.
Transparency: We document our processes and communicate openly about measures and changes.
We have implemented an Information Security Management System (ISMS) in accordance with ISO/IEC 27001, which is regularly reviewed and continuously improved.
Risks to information security are regularly analyzed, assessed, and treated in a systematic manner. In particular, we keep a close eye on the growing threat of cybercrime.
All employees receive regular training and awareness-building measures.
We comply with all legal, regulatory, and contractual requirements.
We continuously review and improve our ISMS through audits and management reviews.
We strengthen our resilience through systematic supplier management and emergency management.
From our employees:
Responsible conduct, compliance with all information security requirements, active participation in improvement efforts, and immediate reporting of weaknesses or incidents.
From our clients and partners:
Trust in our processes and openness to working together on implementing security measures.
From our suppliers:
Compliance with the required IT security level in accordance with the state of the art, with regular review.
Management provides all necessary resources and leads by example with regard to the values of information security. We stand for open dialogue and invite you to address any questions or suggestions at any time to us or to our Information Security Officer.
