ENHR
Get In Touch
Language:
ENHR
 Get In Touch

Information Security Policy

In line with our strategic direction, Iteratio d.d.’s operations involve the processing and exchange of information with internal and external stakeholders, who derive value through our products and services, thus achieving targeted benefits. To ensure the fulfillment of our business objectives and the continuity of operations, measures to protect information assets from all internal and external, intentional or accidental threats that could compromise the confidentiality, integrity, and availability of information are integrated into our daily activities and form an integral part of our organizational culture.

In this context, we commit to the following:

To achieve the highest level of quality in IT services and the security of all our products and stakeholders:

  • We ensure the confidentiality of information and protect it from unauthorized access and misuse.
  • We respond promptly to breaches of information security, conduct investigations, and take necessary actions to eliminate the causes of threats, mitigate risks, and continuously improve the system.
  • We maintain regular communication with all stakeholders to understand the context, needs, and expectations of the stakeholders.
  • Decisions regarding projects, investments, and activities in the area of information security are based on the results of regular risk assessments.
  • We systematically develop, maintain, and test business recovery plans regularly.
  • We ensure appropriate control and continuous improvement through measurable objectives and monitoring the effectiveness of the information security system.
  • We ensure the integrity and availability of information and systems to stakeholders in accordance with their needs and authorizations.
  • We ensure compliance with legal, regulatory, and contractual requirements and all other obligations related to information security.
  • We continuously enhance employee awareness and competencies through education and information-sharing, thereby maintaining a satisfactory level of information security.

The information security management system is implemented, maintained efficiently and effectively, and improved in compliance with the requirements of the ISO 27001 standard and other applicable requirements. This system enables us to fulfill our obligations to stakeholders and achieve our business objectives.