Information Security Policy

The purpose of this policy is to establish an information security management system in accordance with the requirements of the international standard ISO/IEC 27001:2022 and to determine guidelines for the protection of information assets of the organization INSSIO SOLUTIONS DOO from various threats, as well as to ensure business continuity. In that way, it reduces possible damage, improve the image, increases income, and returns the invested funds.


This policy applies to all employees of the company. This also applies to contractors, consultants, temporary employees, subcontractors or any third parties with whom the company has any business cooperation.


This policy applies to all assets, tangible and intangible, owned or leased by INSSIO SOLUTIONS DOO.


The owner of this policy is ISMS manager.


Information, regardless of its form (written, spoken, printed or digital) is the primary means of doing business, which has its value and therefore it is necessary to adequately protect it. Information together with other means and components (people, processes, procedures, services, hardware, software, infrastructure, equipment, …) constitute the information assets of INSSIO SOLUTIONS DOO.


To protect information assets from various threats (computer fraud, hacker attacks, viruses, floods, fires, earthquakes, etc.) and to ensure business continuity, reduce damage, improve image, Director of INSSIO SOLUTIONS DOO has approved this policy, which sets goals and basic principles for establishing an effective and efficient Information Security Management System (ISMS).

 

Belgrade, 12.04.2024.