Information Security Policy

Defines Apifon’s direction for information security in accordance with business requirements and relevant laws and regulations.

Last update: 15/11/2019

Apifon, responding to the demands of current business reality and aiming to protect information assets it holds or is responsible for, implements and maintains an Information Security Management System in accordance with the international standard ISO 27001:2013. The Information Security Management System ensures that measures and controls are put in place to ensure confidentiality, integrity and availability of information.

The commitment to Information Security and the avoidance measures of incidents that may affect the company, are implemented through the following individual steps:

  • • Integration of Information Security Management System requirements into the organization’s processes.
  • • Protection of both the resources and the information handled by the company from any threat, internal or external, deliberate or accidental.
  • • Systematic assessment and evaluation of information security risks, aiming at their sound and timely treatment/management.
  • • Secure application, systems & services development and maintenance processes.
  • • Immediate and effective handling of security incidents and breaches, reducing their negative impact and taking preventive measures to minimize them.
  • • Determination and provision of the resources needed for the maintenance and continual improvement of the Information Security Management System.
  • • Training and communication of Information Security Policies to the staff to ensure they are both understood and applied within the organization.
  • • Systematic change management, handling changes – depending on their impact and size.
  • • Keeping management informed regarding Information Security.
  • • Protection of company’s interests and of those who do business with it and trust it.
  • • Encouraging internal communication on Information Security issues.
  • • Compliance with statutory and regulatory requirements.
  • • Commitment to the faithful implementation of the Security Policies.

Apifon is committed to continuous improvement efforts of its Information Security Management System, so that it can offer high levels of security to those who do business/deal with the company.

The Information Security Policy is understood, communicated and applied to all staff, viewing to continuous and constant development of Apifon’s business activity.

Top Management reviews organization’s Information Security Management System at planned intervals to ensure its continuing suitability and effectiveness and checks the extent to which information security objectives have been met.