Security practices
Überprüft am 30. April 2026
Information security management system overview
How our ISO/IEC 27001 aligned ISMS is structured, governed and continually improved.
PDF herunterladen
Verantwortlich: Head of Security
Our information security management system (ISMS) is the set of policies, processes and controls we operate to keep customer data safe. It is governed by a cross-functional Security Steering Committee that meets monthly and is chaired by our CTO.
Scope
The ISMS covers all production systems that process customer data, all employees and contractors, and all third-party services we rely on.
Governance
- Annual external audit by NQA against ISO/IEC 27001:2022.
- Quarterly internal control reviews against the Statement of Applicability.
- Annual penetration testing by an independent CREST-accredited firm.