Management System Information Security Policy
ISO/IEC 27001:2013 Certificate Registration No. 44 121 180203
BSIP understands that at the core of our service delivery is our client’s confidence in our ability to protect confidentiality, integrity and availability of following sets of information:
- Information received from our clients (owned by clients or other beneficiaries)
- Information received from our partners and suppliers
- Information owned by BSIP (including intellectual property of BSIP)
MS Information Security principles
- We will maintain security of information in delivery of our services through:
- – Protection from unauthorized access
- – Safeguarding confidentiality of information
- – Maintaining integrity of information
- – Assuring continuous and controlled availability of information
- We will achieve a high compliance with our Management System, executing projects in a controlled, measured environment.
- We will continuously identify and evaluate information security risks and act proactively in order to manage those risk.
- We will carry out adequate information security awareness programs which covers all employees and, where applicable, other interested parties.
- We will report, investigate and promptly react to all suspicious breaches of information security.
- We will comply with all contractual, legislative and regulatory requirements, especially with regard to the critical information of our clients.
- We will maintain and continuously improve our Management System, by proactively managing risks against business opportunities, periodically reviewing and reevaluating our quality objectives and processes.
- We will comply with all mandatory ISO 27001 requirements as to obtain and maintain third party certification.