Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimise business risk, and maximise return on investments and business opportunities.
Information security is achieved by implementing a suitable set of controls, including policies, processes, procedures, organisational structures and software and hardware functions. These controls need to be established, implemented, monitored, reviewed and improved, where necessary, to ensure that the specific security and business objectives of the organisation are met. This should be done in conjunction with other business management processes.
As an ISO27001 certified organisation, we have designed and implemented an Information Security Management System with the following objectives:
Information will be protected against unauthorised access
The required level of confidentiality for information is always maintained
The integrity of the information is always ensured
The proper information is always available to the authorized users
All staff and contractors receive sufficient Information Security training
The Information Security Management System is applied for all employees, contractors, consultants, interested parties, information and information assets for all of its operations.