Version | Date | Reason | Who |
---|---|---|---|
01 | 15-01-2023 | First version | Security Resp |
Invader recognizes the importance of information security for the continuous success of its operations and the fulfillment of its objectives. This policy establishes its commitment to information security and provides a basis for establishing and reviewing security controls in accordance with ISO/IEC 27001 standard.
This policy applies to all organization's information assets, including information stored, processed, or transmitted in any format for consulting and forensic analysis services.
The organization is committed to achieving the following information security objectives:
Invader has adopted a systematic approach to managing information security, based on the principles of ISO/IEC 27001 standard. This includes:
The management of 0INVADER assumes responsibility for ensuring that the Information System is sufficiently documented, communicated, and understood by its staff. To do this, they commit to providing the necessary resources for information, training, and awareness.
Both the detection of threats and vulnerabilities and the estimation of inherent risk will be carried out through regular meetings where the impact and probability of risks occurring will be evaluated.
The management, through the development and implementation of the Information System, will ensure that:
The management of 0INVADER is aware of the importance of developing proper change management. They commit to establishing a systematic approach to ensure control over the configuration items that require such control, as well as the criteria for carrying them out, with the purpose of achieving a greater impact of their services.
To comply with this Change Management Policy, 0INVADER establishes that the components and elements under the control of the change management process are:
0INVADER will promote all Information Systems and all necessary policies, procedures, and protocols, taking into account current legislation on equality and non-discrimination.
0INVADER reviews the Information System policy, either annually or in the event of a significant change or modification in its organizational structure, and ensures that the policy is appropriate.
As a result of the principles and requirements outlined above, 0Invader has determined the responsibilities of all members of the organization as follows:
0INVADER will be empowered in the event of the commission of any of the crimes or offenses typified by the current Penal Code or in the event of observing any behaviors that, in its opinion, are contrary to this policy, the Law, established rules, or may disrupt its proper functioning, image, credibility, and/or prestige, to claim damages of all kinds that it may suffer, on the occasion or as a consequence of the breach of any of the obligations mentioned above.
0Invader will provide periodic awareness and training programs to ensure that all employees understand their responsibilities regarding information security and are equipped to fulfill them.
The organization commits to complying with all applicable legal and contractual requirements.
0Invader reviews the Systems policy, either annually or in the event of a significant change or modification in its organizational structure, and ensures that the policy is appropriate.
This policy has been approved by the Management of 0Invader and takes effect from January 2023.
Nous utilisons le minimum de cookies pour l'utilisation de notre site
Accepter & ContinuerMentions légales – et – Cookies