LEGEN SIE IHRE PRIVATSPHÄREEINSTELLUNG FEST

Diese Webseite nutzt Cookies, um Ihnen bestimmte Funktionen zur Verfügung stellen zu können und Ihnen die Nutzung der Webseite zu erleichtern. Einige dieser Cookies sind technisch zwingend notwendig, um gewisse Funktionen der Webseite zu gewährleisten und können nicht deaktiviert werden. Neben den technisch notwendigen Cookies verwenden wir das Tracking-Tool Matomo, um Informationen über das Benutzerverhalten auf dieser Webseite zu gewinnen und unsere Webseite auf Basis dieser Informationen stetig zu verbessern.

Sie können im Folgenden selbst entscheiden, ob Sie der Verwendung von Cookies zur Erfassung des Benutzerverhaltens zustimmen. Vorher werden diese Cookies nicht eingesetzt und ihr Benutzerverhalten nicht erfasst. Ihre persönlichen Einstellungen zu Cookies können Sie jederzeit ändern, indem Sie unten im Fenster auf "Cookie-Einstellungen" klicken, nachdem dieser Dialog geschlossen wurde.

Information security policy
terranets bw

The availability of relevant information is essential for the quality of work deliverables. terranets bw maintains a transparent information policy that must be combined with appropriate protection of information in accordance with state-of-the-art technology and know-how. To achieve this, suitable information security measures must be taken and continuously developed.

The aim is to protect information held by terranets bw from external and internal threats caused by intentional or accidental actions.

The subject matter of protective measures constitutes all information such as digital data on servers, mobile devices, removable storage media etc. that can be transmitted via networks, information in paper form, printed or handwritten, as well as information that can be passed on verbally or by telephone.

In order to ensure the protection of this information, terranets bw has introduced an Information Security Management System (ISMS) that is continuously updated and developed. For the application  field “Network Control / Network Monitoring“ terranets bw will maintain regular certification based on the IT Security Catalogue standard pursuant to Section 11 (1a) of the Energy Industry Act (EnWG).

Securing reliable and continuous operation of critical infrastructures of the gas transmission system and the underground gas storage facilities is a central aim for ensuring the security of supply for natural gas in Baden-Württemberg and adjacent regions by terranets bw.
 

PRINCIPLES OF Information security

The Information Security Management System of terranets bw is based on the following principles:

  1. We protect valuable and confidential information belonging to terranets bw and that of our business partners from unauthorised access across all communication interfaces (“confidentiality“).
  2. We protect information from unauthorised changes (“integrity“).
  3. We ensure access to current and necessary information as well as to supporting procedures and systems (“availability“).
  4. We maintain reliable and continuous operation.
  5. We comply with legal and contractual requirements, in particular with the IT Security Catalogue pursuant to Article 11 (1 a) of the Energy Industry Act (EnWG).
  6. Based on annual objective programmes, we have implemented a continuous and sustainable improvement process with identification, evaluation and management of existing information security risks.
  7. Within the framework of the ISMS, all company values are considered, especially in the application field “Network Control / Networking Monitoring“. Company values include for example business processes, information, documents and technologies or infrastructure (control systems, information and telecommunication technology, networks, etc.) as well as company locations and employees.
  8. Our ISMS contributes to protecting ourselves from potential threats to our company values by using technical and organisational measures in an appropriate and economically viable way.
  9. Each one of us treats the information put at our disposal with care; we report any possible threats or weak spots directly to the named places and thus contribute to continuously improving our ISMS.

The ISMS of terranets bw

The terranets bw management team strives to continually improve the ISMS and comply with legal, contractual and organisational stipulations.

requirements for employees and managers of terranets bw

All managers are directly responsible for implementing and complying with the principles of information security and the valid documents of the ISMS manual within their organisational units.

Every employee is responsible for complying with the principles of information security. The ISMS manual along with all other complementary guidelines, procedural instructions and process descriptions are binding for employees and managers and serve to ensure that the information security requirements are continually fulfilled. The regulations are therefore to be observed at all times. Should this not be possible in justified cases, a security incident is to be reported to the information security officer including the grounds for non-compliance in accordance with the process “Dealing with Security Incidents“. This process serves to initiate the continuous improvement process.

Non-compliance with information security regulations may lead to disciplinary steps under labour law.

Steering of documented Information

Proprietary documentation serves to secure the value creation of terranets bw and is at all times generated, updated and stored under the principles of effectiveness and economic appropriateness (efficiency). In all cases, the requirements for steering documented information in the ISMS are to be observed.

Information security officer

The Information Security Officer exercises a central role in the ISMS of terranets bw. He or she is responsible, in particular, for initiating and maintaining the continuous improvement process pertaining to the ISMS as well as for providing regular training for employees and managers relating to the internal ISMS regulations needed.

The Information Security Officer of terranets bw is to be consulted in questions of interpretation and in cases of doubt.


Certification of our Information security

terranets bw fulfils the requirements of the regulations set out in the IT Security Catalogue pursuant to Article 11 (1a) of the Energy Industry Act (EnWG) (08/2015).

In January 2018, a certification audit serving to test the Information Security Management System at terranets bw was conducted by independent, external auditors. Based on the audit report, the effectiveness of our management system was confirmed. terranets bw will deploy this system for further developing and improving its processes. The certificate issued is valid until 28.01.2021 and is checked by TüV Rheinland Cert GmbH annually. 

Download Zertifikat IT-Sicherheitskatalog