Information Security Policy

The objective of information security policy at AuthBridge is to protect the AuthBridge Research Services and its subsidiaries business information, any client or customer information within its custody or safekeeping by safeguarding its confidentiality, integrity and availability, ensure the business continuity of the organization and to minimize the risk of damage by preventing security incidents and reducing their potential impact.

Video Image
Policy

The policy’s goal is to protect the organizations and informational assets1 against all internal, external, deliberate or accidental threats.

The security policy ensures that:

  • Information will be protected against any unauthorized access;
  • Confidentiality of information will be assured;
  • Integrity of information will be maintained;
  • Availability of information for business processes will be maintained;
  • Confidentiality, Integrity and Availability will be protected subject to the Risk Assessment;
  • Contractual, Legislative and regulatory requirements will be met;
  • Business continuity plans will be developed, maintained and tested2;
  • Information security training will be available for all employees;
  • All actual or suspected information security breaches will be reported to the Information Security Manager and will be thoroughly investigated.
  • Procedures exist to support the policy, including virus control measures, passwords and continuity plans.
  • Business requirements for availability of information and systems will be met.
  • All functions have clarity of objective3 , i.e. what they need to achieve to contribute to ISMS

The AuthBridge Information Security Management System, of which this policy, and other supporting and related documentation are a part, and which has been designed in accordance with the specification contained in ISO/IEC 27001:2013

AuthBridge Research Services and its subsidiaries are committed to its ISMS & compliance to the standard ISO/IEC 27001:2013. The ISMS is subject to continuous, systematic review and improvement.

1Information can exist in various forms, and includes data stored on computers, transmitted over networks, printed or written on paper, sent by fax, stored on diskettes or magnetic tapes or discussed during telephone conversations. This includes any information shared by clients and any third party.

2This plan allows users to access information and essential services when needed.

3Function level objectives will be documented and communicated.