information security policy

Information security protects information entrusted to us as a company and to us as individuals. Improperly protecting information or ignoring it can have a huge negative impact on all of us, our customers, our reputation and ultimately our finances.

With a well-established information security management system (ISMS), we can:
‍
• we ensure the fulfillment of our legal, regulatory and contractual obligations,
‍
• we carry out all processes and risk assessments according to ISO/IEC 27001,
‍
• we provide access to the right data and systems at the right time to only the right people,
‍
• we ensure the protection of personal data in accordance with the GDPR and local data privacy laws,
‍
• we ensure business continuity and
‍
• we reduce the risk of injury.

The main pillars of information security are:

• Confidentiality: Information is accessible only to persons with appropriate authorizations.

• Completeness: Information is accurate and complete.

• Availability: Information is available when needed.

Information security goals

• We want to protect our organization's information resources from all internal, external, intentional or accidental threats.

• We want to implement information security and data protection as part of our engineering culture and daily operations, which we do through effective training and awareness.

• We want to provide the resources necessary to develop, implement and continuously improve the information security management system.
‍
• We want to ensure compliance with legislative and regulatory requirements.

• We want to effectively manage suppliers that process, store or transmit information in order to reduce and better manage information security risks.

Everyone who has access to the 3fs information system must comply with the requirements of the information security policy.

‍