Company Policy
The services of biX Consulting GmbH & Co. KG are based on customer orientation, reliability, professional know-how and sustainability. In the orientation of our company and the operational activities we consider all stakeholders and fundamentally include our service quality, environmental protection and information security, as well as compliance. Therefore, we have installed an integrated management system (IMS) compliant with ISO 9001 (quality management), ISO 14001 (environmental management) and ISO 27001 (information security).
The general principles and objectives within the integrated management system include:
- the implementation and fulfillment of applicable legal, contractual and other requirements for us and for our services.
- working cooperatively with our partners, customers, suppliers, regulators and other stakeholders and engaging with our stakeholders to support our objectives.
- regularly reviewing our integrated management system for implementation, consistency and effectiveness, and continuously improving the management system.
- cooperative managers who exemplify our corporate philosophy and team spirit.
- highly qualified, reliable and motivated employees
- good internal and external communication
The biX Consulting GmbH & Co. KG pursues with regard to the
quality policy the following additional principles and goals:
- Our highest goal is to achieve the satisfaction of our customers and to meet their expectations.
- Each employee is responsible for the quality of the service he or she provides. It goes without saying that we help each other and act as role models for each other.
- Transparent and clearly defined processes and workflows enable us to work effectively and efficiently.
- Targeted training measures and the transfer of responsibility motivate our employees.
- Targeted selection, monitoring and involvement of our external service providers.
- Error prevention as well as understanding and openness to learn from mistakes.
- We also provide learning and testing environments for quality assurance purposes.
The biX Consulting GmbH & Co. KG pursues with regard to the
environmental policy the following additional principles and goals:
- We are on our way to becoming a climate-neutral company and improve our CO2 balance annually, thus making an important contribution to environmental protection and the preservation of ecosystems.
- Among other things, we do this by using modern energy-saving technology, modern infrastructure and remote communication solutions, and by using solar energy.
- We evaluate the relevant environmental aspects as well as opportunities and risks and also consider the demands of interested parties.
- Energy consumption is constantly measured and monitored. Significant environmental and energy aspects are reviewed and communicated.
- We attach importance to preventing environmental damage and waste in advance and to conserving resources.
- Our managers promote environmentally conscious and energy-saving behavior.
- We influence our contractual partners with regard to environmental protection and our environmental goals.
- Within the framework of compliance, we ensure that binding obligations are also implemented in the environmental area.
The biX Consulting GmbH & Co. KG pursues with regard to the
information security the following additional principles and goals:
- When processing data and information, we comply with the relevant legal, contractual and internal regulations at all times. This applies in particular to personal data and information requiring special protection.
- It is of central importance to us to ensure information security in the sense of confidentiality, integrity and availability regarding the information exchanged for our stakeholders and in particular for our customers.
- To insure that, we have introduced and will continue to maintain the Information Security Management System (ISMS) in accordance with ISO 27001.
- As part of the integrated management system, service processes are designed transparently and secured by an established security organization.
- We ensure that our employees receive further training in data privacy and information security.
- We make information security risks transparent and operate a risk management system with the aim of identifying risks to the integrity, security or confidentiality of data and information and limiting them to an acceptable level.
- Every employee must do his or her part to prevent reputational or financial damage from the loss or manipulation of data or information.
- Changes to systems and applications go through a defined change management process that takes into account data privacy and information security aspects.
- We ensure that employees only have access to data they need in the course of their work.
- Regular internal audits ensure that data privacy and information security requirements are implemented and complied by employees, and that weaknesses are identified and opportunities for improvement are made use of.
- With the ISO 27001 certification, we also aim to demonstrate the security of the organization to customers, legislators, partners, insurance companies and external service providers.