IT systems security policy

We believe that ensuring the security of IT systems is possible by building an organizational culture appropriate for this purpose and applying security measures appropriate to identified threats.

‍

We undertake to create a comprehensive Management System covering the security of IT systems by:

• monitoring the requirements for the security of IT systems specified in legal acts and quality standards;
• monitoring threats and counteracting them by applying appropriate solutions that reduce the risk;
• developing, monitoring and continuously improving processes related to the functioning of IT systems;
• establishing general principles of IT system security;
• establishing roles in IT system management processes, in particular appointing persons responsible for systems processing personal data;

We oblige all employees to constantly take care of the security of IT systems, in particular to apply the principles of this policy and the security standards indicated in the policy.

‍

Our primary goal is to ensure the availability and integrity of IT systems, in particular ensuring the use of IT systems in accordance with the law and the applied security standards.

‍

The adopted solutions should enable the achievement of an appropriate technical and organizational level, such that:

• there is a guarantee of protection of IT systems against their unauthorized use;
• there is a possibility of efficient operation in crisis situations;
• there is a possibility of ensuring the security of IT systems regardless of the scope of information they process;
• the effects of threats do not affect the security of IT systems and the information they process;