New Data security audit at target (2020)

News
target software

The independent auditor confirms that target has implemented and continuously improved the data security requirements.

Data protection has been a very high priority for all employees at target since the appointment of the data protection officer in 2016. As a contractor of project and maintenance services, target comes into contact with personal data in many cases. In the terminology of the General Data Protection Regulation (GDPR), we are therefore processors.

We want to and must continue to ensure a high level of data security when processing personal data in order to protect the trust that our customers place in us.

All employees at target are sensitised to the topic of data security through regular, mandatory training. In addition, we are audited annually by an independent body to determine whether the required standards are met.

The 2020 audit, which was delayed until the end of the year due to the pandemic, builds on the 2019 report and includes adjustments that have been implemented since that report. The current audit is valid until the end of 2021 and takes into account the audit of critical aspects of data security.

On the one hand, the role of target Software Solution GmbH as a processor was examined more closely. Thus, one focus was on the audit of the automated IT processes and their documentation.

In 2020, target is again independently certified as having a good result. It says: "... Essential requirements and suggestions for improving the individual points were examined and - where possible - implemented. Due to the implemented measures, a clear improvement of the rating was achieved. Individual areas have to be reviewed regularly due to the constant changes in the systems and will therefore be part of the audit again in the coming year (2021) ..."

Among other things, the technical organisational measures (TOM) were examined, in detail for the sub-areas of admission and entry control, access control, data carrier control, storage control, user control, transmission / transport control, input control, recoverability / reliability / availability, data integrity, order control and evaluation / monitoring and organisational control.

Measures were defined and implemented with our data protection officer for each of the aforementioned sub-areas of data security. Further contingency plans were developed and the  directories of procedures were completed.

Another focus was the review of the contracts for commissioned processing with critical service providers and their TOM. A Controller Processor Agreement exists between these service providers and target in accordance with the current specifications of the Gesellschaft für Datenschutz und Datensicherheit e. V. (GDD). target ensures that the service providers are carefully selected with regard to data security. The data security measures of critical service providers are checked every 12 months at the latest, of other service providers every 24 months.

At target, data protection and data security is a topic that is treated with high priority and is continuously developed - depending on the technical possibilities.

Back
[Translate to EN:]
[Translate to EN:]
[Translate to EN:]
[Translate to EN:]
target top
This Website uses Cookies

We store technically necessary cookies, without which the operation of the site is not possible. In order to provide you with a better user experience on our website, we would also like to evaluate anonymous analysis data. Which tools we use for this purpose and further information can be found in our Privacy Policy and in our Legal Notice.

Accept technically required cookies only

On our website you will find interesting videos and maps hosted on YouTube/Google Maps. The videos and maps are used without a cookie, but data is still loaded from google servers, which means that your surfing behaviour can be recorded by Google.

Name Google Analytics
Anbieter Google LLC
Zweck Cookie von Goolge für Website-Analysen, mit dem statistische und anonymisierte Daten darüber erfasst werden, wie der Besucher die Website nutzt.
Datenschutzerklärung policies.google.com/privacy
Cookie Name _ga,_gat,_gid
Cookie Laufzeit 14 Monate