Information Security Policy
1.5 INFORMATION SECURITY POLICY
Information Security is a top priority in order to:
• Ensure the company's full compliance with relevant applicable legal and regulatory requirements,
• To protect the interests of the company and those who deal with and trust the company for the use and handling of their confidential data
• To ensure the availability, integrity and confidentiality of information generated, received and handled in the context of security projects.
• To maximise the reliability of the company's information resources.
To achieve the above, the Company implements an Information Security Management System in accordance with ISO/IEC 27001:2013.
The implementation of the Information Security System aims at the following:
• Protect the stored archive, computing resources and information in transit in the Company's services from any threat, internal or external, intentional or accidental,
• Systematic assessment and evaluation of risks related to information assurance, looking forward to their correct and timely management,
• Archiving data, preventing viruses and external intrusions, controlling access to systems, recording all security incidents and managing unexpected developments,
• Keeping management and staff up to date on information security issues and conducting training seminars for staff,
The Information Security Management Officer is responsible for controlling and monitoring the operation of the Information Security System and for informing all staff involved of the Information Security Policy.
All personnel involved in the activities and processes described and related to Information Security are responsible for implementing the Information Security System policy and related Information Security System Procedures in their area of work.
The Company's Management is fully committed to the faithful implementation and continuous improvement of the Information Security System, which complies with the requirements of ISO 27001:2013.