COMPANY INFORMATION SECURITY POLICY
The company ATESE S.A. conducts its activities, in order to serve the needs and the expectations of its customers in the most efficient and secure way, takes account of the applicable standards, legislation, regulations, as well as their application guidelines in all its activities and is committed for their observance.
The activities of ATESE S.A. are:
Design & Development of Information Technology and Communication Applications and Systems
The physical security of facilities, personnel, documents, software and fragile materials is ensured by the company in accordance with the relevant policies and procedures.
The Managers of the Departments are responsible for the appropriate training of the personnel, so that they are able to use, in the safest and most efficient way, the assets of the company, that are available to them for the process of their work.
Risk assessment is a continuous effort and considers the contribution of each element to the company’s mission, the weaknesses, the risks, the impact of a potential breach, the unique points of failure, the method of quantifying and assessing risks and the ways to reduce impact through implementation of safeguards.
The specifications for the supply of new or the expansion of existing systems also include security requirements, depending on the mission they perform or they are about to perform.
Access to the company’s network, as well as to the devices interconnected to it, is controlled. The network is protected from known or unknown malware. The files, containing the anti-malware features, are updated frequently and automatically. The system protects, among other things, the servers, the workstations, and the remote computers. A centrally controlled system protects the internal network from the Internet. The company has a Business Continuity Plan and maintains its applicability.
Finally, the company is committed to the continuous improvement of the Information Security Management System according to ISO 27001:2013, with which it complies.
President of the Board
Edition 1.0, 17/03/2020