Information security does NOT only affect the ISboard. EVERY person must rethink their position towards secure and confidential information in their dailty work as well as in private life to create a safe and reliable environment for all people and all information.
We at control IT want to make sure that all information and assets are highly protected.
The sketch represents our politic based on the information security guideline. Created by Alesia B. and Mayleen K. May ’22 with the attention and support of the ISexecutive. Adjusted in November 2022.
We want to create a positive mindset and usual behavior towards information security for any stakeholder in any context of our business.
We use technological measures to manage access control, cryptography, physical safety and a safe work environment.
We provide a secure working environment for our employees and others working for us by introducing a Clean Desk Policy, Mobile Device Management, limited communication channels, a proper project management concept and recurring supplier control.
We introduced a system for treating all data protection and information security incidents in business activity. We do all necessary activities to manage and avoid these kind of incidents. Compliance is very important for us, we don’t see it just as “follow the rules” but as an important part of our collaboration with all stakeholders around our business.
We classify our important, confidential and business-critical documents and manage them properly using document control and a classification concept (public, internal, confidential, secret) to provide an environment worthy of protection for all documents and data.
We protect the integrity, confidentiality and availability of all information regarding our employees and applicants by introducing guidelines on awareness, reprimand and competences.
We use a sustainable measurement of all attainment by using a set of relevant and expressive KPIs to achieve a desirably ISMS, based on facts and figures.
We use and live an asset based risk management to reduce and manage all risks as much as possible and protect all assets and processes with the goal of stable and reliably business continuity.
We want to create a positive mindset and usual behavior towards information security for any stakeholder in any context of our business.
We introduced a system for treating all data protection and information security incidents in business activity. We do all necessary activities to manage and avoid these kind of incidents. Compliance is very important for us, we don’t see it just as “follow the rules” but as an important part of our collaboration with all stakeholders around our business.
We protect the integrity, confidentiality and availability of all information regarding our employees and applicants by introducing guidelines on awareness, reprimand and competences.
We use technological measures to manage access control, cryptography, physical safety and a safe work environment.
We classify our important, confidential and business-critical documents and manage them properly using document control and a classification concept (public, internal, confidential, secret) to provide an environment worthy of protection for all documents and data.
We use a sustainable measurement of all attainment by using a set of relevant and expressive KPIs to achieve a desirably ISMS, based on facts and figures.
We provide a secure working environment for our employees and others working for us by introducing a Clean Desk Policy, Mobile Device Management, limited communication channels, a proper project management concept and recurring supplier control.
We use and live an asset based risk management to reduce and manage all risks as much as possible and protect all assets and processes with the goal of stable and reliably business continuity.