TISAX® certified

Responsible and trained Soft Project employees for compliance with TISAX regulations, emergency management and emergency press office are:

  • Karl Schrader, karl.schrader@soft-project.de, 0049 173 9081917

  • Nadine Schrader, nadine.schrader@soft-project.de, 0049 152 56825058

  • Mirza Meskic, mirza.meskic@e-motion.ba, 0049 172 5711514

The following documents are relevant to information security for employees and cooperation partners (always the latest version):

  • Information Security Policy - Security Standards_SP_GmbH

  • Safety instructions for users

  • Security instructions for administrators

  • Security guideline for IT use

  • IT Equipment Security Policy

  • Emergency preparedness concept

  • File Sharing and File Transfer Policy

  • Password policy

  • Physical Access Policy

  • Computer virus protection concept

  • Software Installation Policy

  • IM Security Policy

  • Use of modems

  • IT incident-report-template

  • Organizational chart Soft Project GmbH

  • Exceptional situations regulation_Vxxx.doc

  • Fire protection regulations_Soft Project GmbH.docx

  • Home Office Regulation.doc

  • Smartphone usage.doc

  • Rights Matrix

  • Training and awareness-raising concept

  • Security Policy_Internet Usage

  • Risk Register

  • Risk management – process description

  • Process description internal audit

  • Internal audit checklist

  • Software Developer Position Requirements and Hiring Process

  • Process description user management

  • Request for user reg. - Dereg. Rights changes

  • Emergency process for recovering key material

  • Change management and process

  • System audit requirements and process

  • Process for collecting and registering laws and regulations

  • Classification of cooperation partners – process

  • Confidentiality and Information Security Statement

  • Regulation for the protection of employee data

  • Checklist - Regulation for the protection of employee data

  • Training and awareness concept Vxxx.docx

  • Safety standards_SP_GmbH_Vxxx.docx

  • Wireless Security Access Policy_Vxxx.docx

Details about the use cases of the documents can be found in “ISMS_Overview_Soft_Project_Vxxx.docx”.

Necessary and regular exercises, controls, classifications, approval and training:

  • Exceptional situations (directory: Tisax\Current documents\Exceptional situations regulation)

  • Fire protection regulations (directory: Tisax\Current documents)

  • Classification of cooperation partners (Tisax\Current documents\Classification of cooperation partners)

  • Approval of the Information Security Policy (Tisax\Current Documents\Approval of the Information Security Policy)

  • Release of IT services outside the organization (Tisax\Current Documents\Release of IT services outside the organization

  • Collection of key figures (directory: Tisax\Current documents)

  • Release of IT services outside the organization (Tisax\Current documents\Release of IT services outside the organization)

  • Risk management – ​​Risk register (Tisax\Current documents)

  • Audit report ISR compliance - (Tisax\Current documents\Audit report ISR compliance)