Epignosis develops and maintains software solutions that are used to collect, store and process information, in the context of its business processes. Information and information systems’ protection have strategic significance for the company to achieve its short and long-term objectives. The security and privacy of the data entrusted to Epignosis by its customers are of paramount importance and must be treated as confidential and protected accordingly at all times.
The company’s executive management (referred to as “Senior Management Team” in the Epignosis Information Security policies), acknowledging the criticality of information and information systems for the execution of the Company’s business processes, supports and promotes actions that safeguard the systems’ normal operation. For this purpose, the Company has established an Information Security Policy aiming to:
For this reason, the company implements measures in technical and organizational level in order to safeguard the integrity, confidentiality and availability of the information it manages. At the same time, it applies policies and procedures in the context of:
The Company conducts Information Security risk assessments on a regular basis and implements the required risk treatment measures. The effectiveness of Information Security procedures is evaluated at planned intervals or if significant changes occur, by defining performance indicators, describing their measurement methods and periodically reporting to the Company’s Management for review, with the aim to further improve the Management System and ensure their continuing suitability, adequacy and effectiveness.
The Information Security Officer is responsible for controlling and monitoring the Information Security policies and procedures as well as for undertaking the necessary initiatives to eliminate any factor that may jeopardize the availability, integrity and confidentiality of the Company’s information.
The Company’s employees and partners with access to information and information processing systems are responsible for conforming to the rules of the applicable Corporate Information Security Policy.
The Company’s Management and employees are committed to the continuous improvement of the ISMS.