Information Security Strategy & ISMS

Security starts with strategy – at Glue IT operations & security, information security is not a project, but a contn inuous process. We protect your data, systems, and processes according to the highest standards – transparently, measurably, and traceably.


Scope of Application
Our information security strategy applies to:

  • All employees of Glue IT operations & security
  • Third parties who perform tasks or provide services on our behalf
  • Customers and visitors who have access to our systems or information

The use of information assets of any kind implies acceptance of our ISMS principles. Responsibility and implementation lie with the Chief Information Security Officer (CISO), in close coordination with executive management.


Objectives of Our Information Security Strategy

  • Understand, assess, and reduce strategic and operational information security risks to an acceptable level
  • Ensure the confidentiality, integrity, and availability of all customer information and business-critical data
  • Consistently comply with agreed Service Level Agreements (SLAs)
  • Comply with all relevant laws, regulations, regulatory requirements, and internal policies


Principles of Information Security
We act according to clearly defined principles to sustainably embed information security:

  • Risk Management: Risks are identified, assessed, and treated – continuously monitored
  • Employee Awareness: All employees are trained and sensitized according to their roles
  • Commitment to Security: Every employee actively commits to information security
  • Incident Management: Security incidents are reported, analyzed, and resolved according to defined procedures
  • Business Continuity: Plans for resuming business operations after incidents are implemented
  • Law & Compliance: All legal, contractual, and internal requirements are complied with
  • Transparent Processes: Policies, processes, and procedures are accessible to authorized persons at all times
  • Resource Allocation: Adequate financial and personnel resources are provided for security measures


Continuous Improvement
Our information security strategy is dynamic. Technical, organizational, and operational measures are regularly monitored, reviewed, and adjusted. This ensures that security levels, compliance, and resilience remain up to date.


Trust Through Experience

  • Many years of ISO experience: ISO 27001 certified since 2011 (formerly as fence IT)
  • Regular audits: Surveillance audits, most recently successfully completed in 2024
  • Integrated security culture: Security principles are embedded in all processes and projects at Glue


Your Partner for Information Security
With Glue IT operations & security, you choose a partner who implements information security consistently, transparently, and sustainably – so you can focus on your core business.