Company Politics

Company and Business Purpose

collaboration Factory GmbH offers its customers a unique combination of profound industry expertise, highly innovative software and many years of methodical practical experience. Our flexible platform cplace is an agile software solution for individual business processes – dynamic, efficient and tailor-made for every challenge. In this way we help leading technology companies to successfully plan and implement their projects.  

Our extensive technological ecosystem is constantly growing and offers more and more apps with different technical focuses and goals. The cplace partners contribute to the value of the platform with their development competence and domain-specific expertise. This cooperation with selected, highly competent companies is an essential component of our business model. The collaboration Factory ensures the consistency and functionality of this ecosystem.  

The code is open to customers and partners who work with us to continuously expand and improve the platform. According to our ecosystem, our company is divided into administration, operations, development products, development projects, consulting, marketing and sales. The head office is located in Munich. 

The organization also considers the impact of climate change on its business processes and integrates appropriate measures for risk mitigation and sustainability. 

Scope of Applicability

Competition demands not only the production and delivery of high-quality software, but also proof of the quality and security of internal processes. This Company politics addresses this requirement with regard to the security and quality of information processing within our company. It therefore applies to the whole company. The focus of the application area is the core process / value chain of the collaboration Factory. The most important assets, processes and information are derived from this process. The most important interfaces are also located here and almost all departments are involved in this process.  

Our product cplace is designed as a shared source ecosystem and therefore has a broad base of users as well as developers and consultants from our partner companies and customers. Therefore the interfaces to the partners are an essential part of the scope and are covered by the partner management and its processes. In addition to the cooperation in partnership with other companies, the Integrated Management System is the basis for a secure and thus complete joint work. Partner companies are informed in accordance with our ISMS policy and audited if necessary.

Requirements, Objectives, Risks and Opportunities

The trust of our customers and ultimately our business success are based on the fact that we are able to  

• comply with the legal requirements and, last but not least, the data protection laws (compliance)
• protect our trade secrets  
• maintain the confidentiality of our customers data  
• to complete our projects and services in the planned or assured time  
• deliver and archive integrated products (software) securely  

Against this background, the business success of our company is dependent on our recognizing existing risks and opportunities for the aforementioned goals according to our company risk management, avoiding or reducing the risks through suitable measures and treating remaining risks appropriately. Risks include incomplete or incorrect compliance with legal requirements, unauthorized and possibly unnoticed disclosure of trade secrets, violation of our customers’ specifications due to system failure, loss of data, unauthorized disclosure of information.   

Importance of Security

Against the background of external and internal requirements, but above all the security requirements of our customers, information security must be an integral part of our corporate culture. Every employee must be aware of the necessity of information security and know the fundamental effects of risks on business success.  

Importance of Quality Management 

Since customer / stakeholder satisfaction is one of our important objectives, quality management at collaboration Factory is very important and part of our culture. Every employee must be aware and pro-actively contribute to our quality management and take our guidelines and requirements seriously. Our ambition is to deliver a high quality and reliable product, which satisfies our customers and market requirements.  

Consideration of Climate Change

The organization recognizes the importance of climate change and its potential impact on our business processes. To address these challenges, we commit to the following measures: 

• Reducing our carbon footprint:
  We actively strive to reduce our greenhouse gas emissions. 
• Sustainable procurement:
  We prioritize suppliers and partners who practice environmentally friendly methods. 
• Risk management:
  We integrate climate change risks and chances into our existing risk management system. 
• Training and awareness:
  We provide our employees with training and awareness programs to promote understanding of climate change and its impact on our organization. 

Basic Regulations 

The management for the implementation of the security objectives has a staff function “Information Security Officer”. For ensuring customer satisfaction, the “Quality Management Officer” takes care of the quality objectives. The management has entrusted this units with the task of establishing uniform guidelines for the security and quality process, ensuring that all employees are made sufficiently aware of the issue, and ensuring that all guidelines are complied with, or are appropriately reviewed. To maintain the confidentiality, integrity, availability, and authenticity (where applicable) of data and systems, suitable measures shall be presented and implemented in a security concept based on our risk assessments.   

For information security appropriate technical, organizational, and infrastructural measures shall be taken to control access to sensitive systems, security zones and critical infrastructure facilities, as well as access to critical information and applications, and to allow only authorized persons to do so. Access and access authorizations are only issued and withdrawn according to formalized application procedures if required. If required, the employees of our company receive special security rules for the respective workplace, which include an obligation to report security incidents.   

For our quality management, organizational and processual measures shall be taken to ensure the quality of our value chain and processes, according to our process landscape. To achieve this, we defined measures and guidelines to ensure quality within the organization and within all departments. Information is key and therefore documentation and communication are important instruments for us and help us to achieve our ambition.  

All employees must regularly take part in security and quality training courses offered. Against the background of the above security objectives, appropriate evidence of compliance with all security measures shall be provided and archived. The documents, reports, etc. concerning the information security and quality management are to be subjected to an orderly document management, in which the production, release, distribution, archiving are regulated.   

Obligations of the Management

The management will actively support the security and quality organization and its processes. Our company will commit itself on the ISO27001 & TISAX, ISO 9001 and GDPR and implement the management elements of these standards and regulations. These include the conduct of regular internal audits, appropriate management of documentation and records, a management review and the application of the Continuous Improvement Model (PDCA).