With ALFANET S.A responding to the demands of the modern business reality, aiming to provide security of the managed information in terms of integrity, confidentiality and availability and always opting for the seamless and exemplary service of its Customers, it has decided to design and install an Information Management System according to the Requirements of the International Standard ISO 27001: 2013.
The Company's Information Security Management System is covering the Provision of IT and Telecommunication equipment disposal services as well as the erasure and destruction of confidential and sensitive data and the remarketing and resale of equipment and has been designed according to the needs and aspirations of the Company and its Legal and Regulatory Requirements. and Community Legislation.
The main objectives, as they are underlined in the processes of the Company's Information Security Management System, are:
- the creation of a basis for the continuous improvement of the efficiency of its processes, bearing in mind the continuous satisfaction of the needs and the expectations of its customers.
- minimizing the number of incidents that may affect the continuity of business processes, as well as minimizing their impact.
- the handling of information managed by the company in a way that protects their security in terms of their confidentiality, integrity and availability.
- the company's compliance with the laws and regulations to which it is subject.
- the continuous improvement of the system.
The company's system is reviewed at regular interval periods by the Management, in order to adapt to new needs and market developments, legal requirements, but also to achieve the goal of continuous improvement of the company's operations.
The Management is committed to the disposal of the infrastructure and equipment that is deemed necessary for the implementation and availability of its work. Every employee is responsible to respond, assimilate and implement the procedures required by the Information Security Management System through its daily activities. For this reason, all employees, depending on their responsibilities, are informed about the System and act in accordance with the established rules of security and confidentiality.
The Information Security Policy is communicated, understood and applicable by all human resources, with the ultimate goal of continuous, stable development of its business activity, with unwavering commitment to its principles and the constant offer to its customers of excellent quality services. It is reviewed at regular intervals with the aim of its continuous harmonization with market conditions, technological developments and current legislation.
Procedures, flows and actions, which do not guarantee the fulfillment of the set goals, are immediately stopped by those responsible, cause analyzes are carried out and the necessary improvement measures are defined.