Publication date: 23.11.2023
Management uses the adopted policy as a way of guiding improvements in the performance of the management system. The adopted policy is a consistent part of the corporate strategy and its context.
The company’s policy objectives are:
• meeting or exceeding the requirements, needs and expectations of customers and end-users,
• growing the business and continuously improving the performance of the management system,
• continuously informing, training and motivating staff at all levels and increasing their satisfaction,
• establishing partnerships with suppliers of equipment and services and subcontractors.
As part of our corporate policy, we have also adopted an overarching security policy, which sets out the following fundamental objectives and principles for information security:
• protecting the confidentiality, availability and integrity of information,
• protecting IT assets and systems, including supporting infrastructure,
• Ensuring the correct and secure operation of our IT system,
• educating, training and raising awareness of information security among all employees and external collaborators,
• avoiding breaches of laws and regulations, contractual obligations and prescribed security policies,
• preparing, maintaining and reviewing business continuity plans to the extent appropriate,
• recording and investigating breaches or suspected breaches of information security policies and resolving incidents.
The management of the company is committed to providing sufficient resources for the effective implementation and continuous improvement of the management system in place.
The policy provides a framework for defining quality objectives and information security objectives. The relevance and appropriateness of the adopted policy is verified at management reviews.