Information security management

Azets business is based on information and data, and as such is dependent on the trust of customers, partners, suppliers, and employees.

In order to maintain information security at all levels in the organization, and to protect all information assets managed by Azets from threats, whether internal or external, deliberate or accidental, Azets maintains a common Information Security Policy applicable to all parts of Azets. This policy applies to all companies, employees, contractors, consultants, temporaries and other workers in the Azets group.

The Information Security Policy is governed by Azets Security Forum which consists of appointed Regional Security Officers (RSO) and led by Azets CISO. The Azets Group approves the policies based on recommendations from the Security Forum. Updates and approval of the Information Security Policy are done annually.

To enable a good balance between security and efficient use of resources, Azets uses a risk-based approach to vulnerabilities, and identify the best measures based on existing threats and likelihood. The risk assessments enable Azets to make conscious and correct decisions in complex environments.