Security

General Information Security Policy

‍‍deeploi aims to build an Information Security Management System (“ISMS”) according to the ISO/IEC 27001 (“ISO 27001”).

1. Commitment to Information Security

·        Confidentiality, Integrity, and Availability: the organization is dedicated to safeguarding the confidentiality, integrity, and availability of information processed and stored within its systems, whether owned by the organization, our employees, partners, customers, or suppliers. 

·        Information Security Management System (ISMS): The organization has implemented an Information Security Management System (ISMS) in alignment with ISO 27001 standards, demonstrating our commitment to robust information security practices. 

2. Leadership and Commitment

·        Strategic Alignment: The organization’s management ensures that the information security policy and objectives are in harmony with the strategic direction of the organization. 

·        Integration into Processes: The integration of ISMS requirements into organizational processes is actively managed to strengthen information security. 

·        Roles and Responsibilities: Specific roles and responsibilities are assigned to ensure effective oversight and execution of the ISMS. 

·        Resource Availability: Resources needed for the ISMS are prioritized and made readily available to support its ongoing effectiveness. 

·        Continual Improvement: The organization’s leadership promotes a culture of continual improvement for the ISMS, fostering adaptability to emerging challenges and technological advancements. 

3. Key Objectives of the ISMS

·        Compliance Assurance: The organization is committed to ensuring compliance with relevant information security regulations and meeting the expectations of interested parties.  

·        Cyber Resilience and Continuity: Maintaining cyber resilience and ensuring process continuity are key objectives, reflecting our dedication to uninterrupted business operations.  

·        Risk Management: The organization identifies information security risks and implements measures to reduce them to an acceptable level.  

4. Fundamental Principles

·        Integral to Every Activity: Information security is integral to every procedure, process, or activity within the organization, reflecting our holistic approach to protecting information assets.  

·        Employee Involvement: All the organization’s employees actively treat information security as an essential part of their day-to-day work, contributing to a collective responsibility for information protection.  

·        Continuous Improvement Commitment: The organization is dedicated to the continual improvement of the suitability, adequacy, and effectiveness of the ISMS, adapting to evolving security landscapes.  

5. Policy Assessment and Revision

·        Periodic Evaluation: The Information Security Policy undergoes regular assessment, revision, and updating every two years or more frequently, if necessary, to ensure its relevance in response to changing conditions.