Information Security
Information security
MGE and the data management policy
Great importance
is attributed to Information Security Management, whether it is project data, big data and process data, or personal information of customers and other users.
We have therefore equipped ourselves with an Information Security Policy, which we constantly monitor and increase, partly with the help of independent Companies that carry out assessments through periodic audits. Great attention is given to raising awareness and training of those working in the company on Information Security.
TISAX Label
Achieved to go along with the safety standards required by the automotive industry.
Read more
We have also achieved the Tisax label, issued by the ENX Association, which is required by many automakers as proof of compliance in handling highly sensitive information typical of the automotive industry with high security standards.
TISAX® (literally Trusted Information Security Assessment eXchange) is an Information Security assessment approach based on a maturity model and geared explicitly to the needs of the automotive industry.
This is a standard promoted by the ENX Consortium, a body founded in 2000 that groups automobile manufacturers and supply chain suppliers.
It proposes an approach that applies primarily to first- and second-tier suppliers, but can be extended to more complex supply chains where evaluating the approach to Information Security is a requirement of the car maker.
MGE is synonymous with reliability
Excerpt from MGE's Information Security Policy
“MGE places among its indispensable conditions the utmost attention to protecting the confidentiality, integrity and availability of the data and information it handles, whether its own or that of third parties.
To ensure this, the company has established an Information Security Policy that reflects the importance and significance of information security for the specific organization. In particular, an Internal Information Security Regulation has been established and is adjusted in cases of change management or when critical issues or incidents arise.
The regulations were developed in accordance with applicable laws, signed contracts, the work environment, corporate market strategies, and following athorough assessment of information security risks.”
