Information security policy
Handling large amounts of information on behalf of our customers is one of our most important responsibilities. We work hard to protect and ensure that confidentiality, integrity, and availability is thoroughly taken care of for all the information we handle.
As a result, we fully recognize that knowledge about information security among our employees plays a pivotal role for success. As a key element in this, our employees are provided with continuous information security training to enable a secure working environment. We also use internal collaboration tools to inform and educate on current threats and relevant topics.
To make sure we prioritize correctly, we have chosen a risk-based approach to information security. This enables us to make informed decisions. All information is protected based on criticality, and access to information is restricted to those who need access, and the use of both physical and logical controls ensures that our customers information is kept secure. Security is integrated as part of all our processes to ensure consistent secure handling of information over time.
Information security is fundamental for all the solutions we develop in-house and for the solutions we license. Our framework for development is based on internationally recognized standards and best practices for secure application development. Information is secured throughout the whole development process and we have strict requirements for business-critical information and personal data.
Incidents can occur, even in the most secure environments. We have implemented systems and procedures to ensure an efficient handling of security incidents, and to minimize the risk and damage if a major incident or data breach should occur. All critical information that we process, store or transmit is protected in accordance with customer requirements and best practices.
We follow industry standards and are continuously working to ensure that we are compliant with laws and regulations. Our information security policy is an integral part of how we operate and it is expected that everyone in Azets acknowledges and abides by this.