It is not enough to adopt a high level of security if we do not also continuously check that it is observed. That is why we have implemented a management system for information security.

Such a system is also called an Information Security Management System, abbreviated to ISMS. Our system is based on relevant controllers from ISO 27001 - an international standard for managing information security. Basically, it is about ensuring that your data does not fall into the wrong hands - as long as it is in our care and before it is deleted forever.

Our ISMS

We are entrusted with our customer’s data stored on the equipment we pick up and process. That creates a great need for mutual trust and in particular, that GDPR is being adhered to.

 

We have implemented a management system for information security - a so called Information Security Management System (ISMS) - based on relevant controllers from ISO 27001.

 

To ensure that we adhere to our internal security requirements, we conduct regular internal controllers and we are also subject to an annual audit by an external law firm.

Our own control and the external audit

The following is entailed in our own controllers and the external audit:

 

  • Data-wipe policy
  • Procedures for auditing of transporters and collaborative partners
  • Procedures for IT security and area security
  • Risk assessment for Danoffice IT Green
  • Controllers