Our Solution Expertise
Ranging from stand-alone deliverables to long-term solutions – we have decades of experience and are a reliable partner to a wide range of customers.

OTTO CHEMIE - IT Compliance

OTTO CHEMIE Successfully Implemented IT Compliance with a Comprehensive IT Solution from InfraServ Gendorf.

Initial Situation

Hermann Otto GmbH (OTTO-CHEMIE) - a leading European manufacturer of premium sealants and adhesives with headquarters in Fridolfing - took the opportunity of tightenedstatutory regulations to have the company's IT compliance audited. The focus was on adequate security of the company's data with respect to confidentiality, access and integrity, including compliance with all statutory regulations. InfraServ Gendorf was retained to develop a comprehensive concept for implementing a compliance policy for OTTO-CHEMIE. OTTO-CHEMIE's stated objective was that existing risks needed to be mitigated with a minimum of effort.


The best approach for tackling this topic was to conduct an end-to-end IT security analysis by the data security specialists from InfraServ Gendorf. In addition to reviewing the company-relevant data, IT systems and applications with respect to confidentiality, access, and integrity, this analysis also determined whether the underlying statutory and regulatory mandates were being met.  Another important aspect of this review also included the employees:

Instilling and reinforcing a personal awareness for protecting sensitive data is an important element of successful and most of all sustainable compliance implementation.

 In addition, the existing business processes were documented together with OTTO CHEMIE as part of a technical segment. This was followed by a protection requirements analysis in order to identify mission-critical business processes. The as-is state was assessed pursuant to the criteria established by the Federal Ministry for Information Technology Security (Bundesamt für Sicherheit in der Informationstechnik - BSI). This formed the basis for deriving important findings pertaining to the company's data security procedures.

As part of a second segment, the employees were surveyed using special software in consideration of anonymity and data protection about their know-how with respect to IT security. The results were used to develop action plans to sustainably foster security awareness.


OTTO-CHEMIE management was immediately able to see the level of risk exposure for their business processes and their employee-related security topics. Economically optimized action plans were proposed as the next steps for the technical and human factors on the basis of this analysis. Other proposals addressed the statutory framework conditions to ensure that the most important compliance requirements are met, and to mitigate personal liability risks of executives.

By acting on the improvement opportunities, OTTO-CHEMIE positioned itself among those companies who address these topics of existential nature to the company in a responsible and sustainable manner.

 "InfraServ Gendorf helped us to greatly simplify addressing IT compliance and impressed us with their sophisticated implementation."

(Carlo Biller, IT Manager OTTO CHEMIE).