Information security and business continuity policy

16
Aug 2024

Information security and business continuity policy

ESCO-Fofonjka doo is a company whose main activity is the production and sale of springs and heat treatment services. Information security is one of the most important factors that affect the quality of our work, as well as ensuring business continuity. Through the application of an information security management system, we want to ensure the completeness and integrity of all information at our disposal, as well as the smooth running of all processes with the help of ensuring business continuity.

In order to meet the needs and expectations of interested parties, we have defined the following principles of our information security and business continuity policy:

BUYERS-USERS OF SERVICES

  • ensure the protection of information assets from all dangers - internal and external, as well as intentional and accidental
  • continuously reduce risks in the field of information security through risk management and undertake control measures
  • ensuring the availability of information when requested by external interested parties in accordance with the Law on the right to access information
  • ensuring the confidentiality of sensitive data in accordance with legal regulations and good business practice

SUPPLIERS-COOPERATORS

  • Strive to establish partnership relations with suppliers/cooperators and increase our competitiveness on the market through a mutually beneficial relationship

EMPLOYEES

  • constant training of employees related to the rules of application of information security
  • protection of personal information
  • continuous work

BODIES OF STATE ADMINISTRATION

  • ensuring compliance with legal regulations and other requirements in the field of information security
  • ensuring business continuity in the event of unwanted events in accordance with the Business Sustainability plan

LOCAL COMMUNITY

  • Continually comply with all obligations and regulations related to our business
  • Actively participate in humanitarian actions and activities of the local community
  • To improve the general quality of life in the community

ADMINISTRATION

  • all incidents related to information security will be reported to the responsible persons and appropriate corrective actions will be taken
  • constant improvement of the information security and business continuity management system in accordance with the requirements of ISO 27001 and ISO 22301 standards
  Personal data protection policy of the customer
Environmental management policy and safety and health protection  
  Terms