Purpose
The purpose of this document is to describe the information security policy statement of Dot.Cy Developments Ltd (hereinafter referred to as “Company”, “Dot.Cy”, or “Organisation”).
Abbreviations
ISMS: Information Security Management System
Information Security Statement
Dot.Cy is committed to maintain and improve information security within the organization and minimizing its exposure to risks. It is therefore organization policy to ensure that:
- Integrity of information shall be assured.
- The confidentiality of customer’s information shall be assured.
- Information shall be protected against unauthorized access.
- Information shall be made available to authorized business processes, users and customers when required.
- Regulatory, statutory and legislative requirements shall be met.
- Business continuity plans for mission critical activities shall be produced, maintained and tested.
- Information security awareness shall be made available to all users.
- Breach of information security, actual or suspected shall be reported and will be investigated by the management.
- Governance and Responsibilities
All users of Dot.Cy information technology resources are responsible for complying with this policy. Every user is accountable for:
- Ensuring that no breach of information security shall occur from their actions.
- Reporting any breach or suspected breach of security to relevant parties.
Chief Information Security Officer is responsible for implementing the policy within Information Technology Department, and for adherence by the users. This includes:
- Assigning general and specific responsibilities for information security management
- Determining access rights for information assets and systems
- Ensuring that all users of information technology resources are aware of their accountability, and they are aware that failure to comply with the Information Security Policy is a disciplinary offence which may include action up to and including dismissal.