Company Policy
The quality of the services provided by biX Consulting GmbH & Co. KG is based on customer orientation, reliability, expertise and sustainability. When aligning our company and operational activities, we take all stakeholders into account and always include our service quality, environmental protection, information security and compliance. We have therefore installed an integrated management system (IMS) in accordance with ISO 9001 (quality management), ISO 14001 (environmental management) and ISO 27001 (information security, cyber security and data protection).
The general principles and objectives within the integrated management system include:
- The implementation and fulfillment of the applicable legal, contractual and other requirements for us and for our services.
- Working cooperatively with our partners, customers, suppliers, authorities and other interest groups and influencing our stakeholders to support our goals.
- regularly reviewing our integrated management system for implementation, consistency and effectiveness, and continuously improving the management system.
- cooperative managers who exemplify our corporate philosophy and team spirit.
- highly qualified, reliable and motivated employees
- good internal and external communication
The biX Consulting GmbH & Co. KG pursues with regard to the
quality policy the following additional principles and goals:
- Our highest goal is to achieve the satisfaction of our customers and to meet their expectations.
- Each employee is responsible for the quality of the service he or she provides. It goes without saying that we help each other and act as role models for each other.
- Transparent and clearly defined processes and workflows enable us to work effectively and efficiently.
- Targeted training measures and the transfer of responsibility motivate our employees.
- Selecting, monitoring and integrating our external service providers in a controlled manner.
- Error prevention as well as understanding and openness to learn from mistakes.
- We also provide learning and testing environments for quality assurance purposes.
The biX Consulting GmbH & Co. KG pursues with regard to the
environmental policy the following additional principles and goals:
- We are on our way to becoming a climate-neutral company and are improving our carbon footprint every year, thereby making an important contribution to environmental protection and the preservation of ecosystems.
- Among other things, we do this by using modern energy-saving technology, modern infrastructure and remote communication solutions, and by using solar energy.
- We evaluate the relevant environmental aspects as well as opportunities and risks and also consider the demands of interested parties.
- Energy consumption is constantly measured and monitored. Significant environmental and energy aspects are reviewed and communicated.
- We attach importance to preventing environmental damage and waste in advance and to conserving resources.
- Our managers promote environmentally conscious and energy-saving behavior.
- We influence our contractual partners with regard to environmental protection and our environmental goals.
- Within the framework of compliance, we ensure that binding obligations are also implemented in the environmental area.
The biX Consulting GmbH & Co. KG pursues with regard to the
Security, Cyber Security und Data Protection
the following additional principles and goals:
- When processing data and information, we comply with the relevant legal, contractual and internal regulations at all times. This applies in particular to personal data and information requiring special protection.
- It is of central importance to us to ensure information security in terms of the confidentiality, integrity and availability of the information exchanged for our stakeholders and for our customers. We also strive to ensure business operations on an ongoing basis in terms of business continuity.
- To insure that, we have introduced and will continue to maintain the Information Security Management System (ISMS) in accordance with ISO 27001.
- As part of the integrated management system, service processes are designed transparently and safeguarded by an established security organization and applicable information security measures in accordance with ISO 27001.
- We ensure that our employees receive further training in data privacy and information security.
- We make information, cyber and data protection security risks transparent and operate a risk management system with the aim of identifying risks to the integrity, security or confidentiality of data and information and limiting them to an acceptable level.
- Every employee must do his or her part to prevent reputational or financial damage from the loss or manipulation of data or information.
- Changes to systems and applications follow a defined change management process that takes data protection, information security and cyber security aspects into account.
- We ensure that employees only have access to data that they need for their work.
- Regular internal audits ensure that data privacy and information security requirements are implemented and complied by employees, and that weaknesses are identified and opportunities for improvement are made use of.
- With the ISO 27001 certification, we also aim to demonstrate the security of the organization to customers, legislators, partners, insurance companies and external service providers.