The Information Security Policy of Docusys S.A. was established based on the philosophy and basic principles of management and principles of corporate conduct and describes the approach to information security and the requirements of Docusys S.A.
The management and employees recognize the importance of information security and the exercise of effective information security governance, and build information security into the corporate culture in order for Docusys SA to be trusted by all stakeholders.
The security policy of Docusys SA confirms that:
- All information used by Docusys SA's operations is recognised as a significant asset, and activities involving security information are treated and managed appropriately. This includes customer and personnel information, confidential information related to sales and marketing, products, technology, software production, “know-how”, suppliers and partners and all kinds of information systems that store and make use of such information.
- The established information security policy recognizes responsibilities and authorities in the protection and control of information assets.
- Information security risks are assessed and managed, demonstrating the continuous improvement of the information security management system and the confidence of stakeholders in the business continuity of Docusys S.A.
- Continuous education and training of employees is embedded in the corporate culture, providing a high level of knowledge and competence of staff.
- Systematic legal monitoring ensures compliance with laws, agreements and regulations regarding the security of the management information system.
- The Information Security Management System is reviewed, maintained and improved on an ongoing basis by management.
