Menu

Company

Privacy and Security Assessment process

The Privacy and Security Assessment process (PSA process) is a core element in safeguarding security and data privacy at Deutsche Telekom.

Data privacy and security are continuing to grow in significance. This fact is illustrated by the rapid rise in politically and criminally motivated cyber attacks. Around the world, individuals, organizations, and corporation, such as Deutsche Telekom, are being targeted. Data privacy and security are particularly pivotal for Deutsche Telekom, since our services are based on our customers' trust in security.

Deutsche Telekom recognized the resulting challenges at an early stage and responded by developing and introducing a tailored solution: the Privacy and Security Assessment (PSA).

The PSA process guarantees that all development projects meet the strictest technical security and data privacy requirements.

The PSA process has the following goals

  • A consistent and adequately high security and data privacy level in all products, systems and platforms.
  • An integrated and standardized process for technical security and data privacy as a deeply rooted element of product and system development processes.
  • A support level adapted to project complexity and criticality through the introduction of categorization at the start of each development project.

Small steps for a project, one giant leap for data privacy and security

The characteristic of the PSA process is simplicity and clearness. The reduction on essential steps supports the efficiency and complete use for all relevant projects of Deutsche Telekom group.

First step is a categorization of the project. Hereby the security relevance will be identified. This is necessary for prioritization reasons due to the high amount of IT and NT projects yearly executed by Deutsche Telekom AG group.

Other steps of the PSA process are direct linked to the single phases of the particular project.

A first important step is the identification of relevant privacy and security requirements. The requirements are compiled by the security and privacy experts of Deutsche Telekom on basis of vendor specifications and industry standards as well as valid laws and regulations. They are group-wide aligned and enforced. Next step of the PSA process is implementing, testing and documentation of the requirements. For not implementable requirements a automatic risk assessment on basis of the protection need of the individual system will be performed. If necessary an action plan will be prepared together with the project team.

The PSA process guarantees for all relevant projects and systems the implementation of groups security and privacy standards and an approval by security and privacy experts before bringing in service.

Security requirements can be downloaded here (zip, 3.3 MB).

FAQ

Cookies and similar technologies

We use cookies and similar technologies on our website to save, read out and process information on your device. In doing so, we enhance your experience, analyze site traffic, and show you content and ads that interest you. User profiles are created across websites and devices for this purpose. Our partners use these technologies as well.


By selecting “Only Required”, you only accept cookies that make our website function properly. “Accept All” means that you allow access to information on your device and the use of all cookies for analytics and marketing purposes by Deutsche Telekom AG and our partners. Your data might then be transferred to countries outside the European Union where we cannot ensure the same level of data protection as in the EU (see Art. 49 (1) a GDPR). Under “Settings”, you can specify everything in detail and change your consent at any time.


Find more information in the Privacy Policy and Partner List.