The management of SoftCom International is committed to preserving the confidentiality, integrity and availability of all the physical and electronic information assets throughout their organization in order to preserve its competitive edge, legal, regulatory and contractual compliance and commercial image.
Information and information security requirements will continue to be aligned with the SoftCom International’s goals and the ISMS is intended to be an enabling mechanism for information sharing, for electronic operations, and for reducing information-related risks to acceptable levels.
The SoftCom International’s current strategic business plan and risk management framework provide the context for identifying, assessing, evaluating, and controlling information-related risks through the establishment and maintenance of ISMS. The Risk Assessment, Statement of Applicability and Risk Treatment Plan identify how information-related risks are controlled. CISO is responsible for the management and maintenance of the risk treatment plan. Additional risk assessments may, where necessary, be carried out to determine appropriate controls for specific risks.
This means that management, the full time or part time employees/staff, the subcontractors, the assignees, the project consultants and any external parties have, and will be made aware, and are made aware continuously, of their responsibilities (which are defined in their job descriptions or contracts) to preserve information security, to report security breaches (in line with the applied policy and procedures) and to act in accordance with the requirements of the ISMS. The consequences of security policy violations are described in the organization’s disciplinary policy (part of the employee contract). All employees/staff receive information security awareness training and more specialized employees/staff receive appropriately specialized information security training. In this policy, ‘information security’ is defined as preserving:
The organization complies with all relevant data-related legislation in those jurisdictions within which it operates:
It is the policy of our company to ensure the following objectives:
Because the needs of our business change, we recognize that our management system must be continually changed and improved to meet our needs. To this effect, we are continually setting new objectives and regularly reviewing our processes.
This policy has been approved by the SoftCom International CEO and shall be reviewed by the management review team annually.
SoftCom International Chief Executive Officer
Dr. Zoi Ekaterinidi
August 2023