The company operates in the field of providing services in the information technology and telecommunications sector and has developed, monitored, and implemented a system for managing the quality and security of information in all its operational areas, in compliance with the ISO 9001 and ISO 27001 standards.

The present security policy ensures:

• The confidentiality, integrity, and availability of information
• Employee training on quality and information security matters
• Customer satisfaction and continuous improvement
• Reporting of potential information security breaches to the Information Security Director
• Maintenance of a business continuity plan • Specification of legislative requirements

To achieve the above, the Management supports the information security policy as follows:

• Measurable objectives are set for the quality and security of information, and a commitment is made to continuously improve the system.
• Stakeholders and their expectations are identified to best cover their requirements. • Business requirements for information system availability are determined.
• Objectives, their significance, achievement, and quality and security obligations are communicated to all involved in implementing the quality and information security management system.
• The Information Security Officer is responsible for maintaining the policy and providing support and advice during its implementation.
• Every party involved in implementing the quality and information security management system has clear and predefined roles and responsibilities communicated within the organization. All actions that may affect information quality and security are planned and implemented according to established Procedures and policies of the company.
• Management collaborates with approved suppliers and partners to deliver products/services according to customer requirements and aims to develop long-term partnerships.
• Any change in the quality and information security management system, based on ISO 27001 & ISO 9001 standards, is promptly and appropriately communicated to all involved parties.
• The system is regularly reviewed, and all control elements are documented, analyzed, and appropriately used within a continuous improvement effort for information quality and security.
• Management is responsible for setting risk assessment and ranking criteria.
• The company provides all necessary means and procedures to establish, review, and achieve information quality and security objectives. Simultaneously, it ensures the education, training, and awareness of personnel in quality and information security matters.

Management is committed to implementing this policy and disseminating it to its workforce and stakeholders as necessary.