eSafe Solutions Ltd (“eSafe”) has in place an Information Security Policy (“the Policy”) that sets the principles and mechanisms in order to ensure compliance with the applicable regulatory framework.
Keeping the Information Security a top priority in the business and operational planning the eSafe top management has approved an the Policy in order to ensure data security, business continuity and minimization of risk of damage by:
Preventing information security incidents.
Reducing their potential impact.
The goal of the Policy is to set the framework for protecting the organization’s information assets against all internal, external, deliberate or accidental threats.
eSafe management declares a strong commitment to maintaining standards of information security in line with its business strategy and objectives. eSafe shall establish, maintain, and operate the Policy according to the ISO/IEC 27001:2013 Standard to ensure that:
The information security performance is continuously improved.
A framework for establishing information security control objectives and controls is available to protect information against any unauthorized access and to reduce the risk of unacceptable use of any of the Company’s information resources.
A risk assessment approach is adopted regarding risk management.
Legislative, business, and regulatory requirements, as well as contractual security obligations, and needs and expectations by other interested parties are met.
Business continuity plans are developed, maintained, and tested.
Information security education and training is available for all employees.
All actual or suspected information security breaches are recorded and are thoroughly investigated.
All necessary documentation exists to support the Policy.
All employees are responsible for implementing the Policy and ensuring compliance in their area of activity and to report information security incidents.