COMMITMENT TO SECURITY

COMMITMENT TO SECURITY

IM “Enterprise Business Solutions” SRL, further as EBS, its’ executive board and entire staff, is committed to maintain, optimize and enforce information security (IS) measures, regarding its own as well as stakeholder data, to guarantee confidentiality, integrity as well as case-by-case data access, to any information stored, owned or otherwise received at its end 

Our information security policies, apply for any activities related to the provision of consulting and software development services, data processing, web page management as well as other related activities. 

Information security compliance, as well as complying with any rules to support that matter, is carried out by EBSs’ Information Security Team, led by an Information Security Officer 

Our Information Security Policy is approved by EBSs’ management and reflects our sheer commitment to implementing and maintaining an Information Security Management System, that guarantees informational asset protection at the organizational level, protecting own and partner resources from all threats and/or attacks, regardless of their nature (be they internal, external, deliberate or accidental). 

As an ISO/IEC 27001:2013 compliant organization, we ensure that: 

  • Any owned information is protected against unauthorized access;  
  • Information confidentiality is maintained according to best practices;  
  • Information integrity formation is preserved;  
  • Information availability is ensured when required by business processes and/or on a case-by-case requirement;  
  • Any legislative and regulatory requirements are met.  
  • Business Continuity plans is drawn up, maintained and periodically tested.  
  • Any of our employees are trained on information security practices and participate in the implementation process of IS policies; 
  • All actual or potential security incidents will be reported to, and investigated by the Information Security Team. 

As part of this statement, we are reinsuring you of the following: 

  1. Specific information security procedures are in place for the application of the Policy.  
  2. Business requirements regarding the availability of information and information systems are met. 
  3. All managers are directly responsible for implementing the Policy in their areas of responsibility.  
  4. Each of our employees has the responsibility to join this Policy, know and apply the procedures defined by the Security Management System in place 
  5. The management of IM "Enterprise Business Solutions" S.R.L. designed, implemented and certified an Information Security Management System in compliance with ISO/CEI 27001:2013 standard. 

Failure to comply with this Security Policy will result in disciplinary measures (in case of our employees) and revocation of any access rights to computing facilities and information.  

In certain cases, the modification, disclosure or destruction of any company-owned informational assets will result in legal actions (civil or criminal) against individuals or legal entities responsible for causing any security incidents.  

As CEO, I am committed to continuously improving the Information Security Management System in placeproviding and allocating any required resources to achieve set IS objectives ensure and the applicability of our Information Security Policy.  

I entrust the Information Security Manager with the authority to manage the information security system and to provide support and guidance for implementation. 

 

December 1st 2020, Tatiana Munteanu, CEO at IM “Enterprise Business Solutions” SRL.