Security measures

Scope: This annex describes Glesys’ technical and organizational measures for managing cybersecurity risks and supporting compliance with the NIS2 security risk management requirements. Our Integrated Management System (IMS) integrates ISO 9001, ISO 14001, and ISO/IEC 27001:2022 across our operations.

IMS Scope Statement

Important scope note (customer data): Glesys’ IMS scope excludes customer data hosted on Glesys infrastructure. Customers retain ownership and responsibility for the security and management of their data as described in applicable service agreements.

Annex use and updates

This annex is provided as an informational overview for customers. Glesys maintains the underlying policies, guidelines, and evidence within its IMS and reviews key documents at least annually as part of its document management and improvement practices.