INFORMATION SECURITY POLICY
ARGO AUDIT LTD, recognizes the necessity of securing its information technology assets against all external or internal threats, both intentional and unintentional, and complies with legal and regulatory requirements.
The Information Security Policy constitutes the framework for securing the information handled by the company and its purpose is to define a set of general instructions, which will ensure an accepted level of security, proportional to the level of risk involved. This policy is documented through the operation and continual improvement of a complete and effective Information Security Management System (ISMS), according to the requirements that the ISO 27001:2013 Standard sets.
The company’s Information Security Management System is applied to the scope «Audit Services, Tax Audit Services, Financial Consulting» and was designed according to the needs and aspirations of the company and the Legal and Regulatory requirements of both Greek and European Community Law.
The key objectives, as they are defined in the procedures of the Information Security Management System, are:
- To set a framework for the continual improvement of its effectiveness, aiming to satisfy customers’ needs and requirements
- The minimization of the number of events that could influence the continuity of its business processes, as well as the minimization of their impacts on business activities.
- The compliance with legal and regulatory requirements relevant to information security.
- The continuous optimization of the system, so that an effective management of confidentiality, integrity and availability of information is achieved.
- The continuous improvement of the information security level that is achieved through the effective application of the system.
The ISMS is reviewed at regular intervals by the Management, in order to adapt to new needs or developments of the relevant market, legal requirements, as well as to achieve the continual improvement of the company’s operation.
Top Management is committed to provide the infrastructure, the human resources and the equipment necessary to achieve these objectives. Top Management is fully committed to the implementation and the continuous improvement of the ISMS, which conforms to the requirements of ISO 27001:2013 and all applicable national and European Community law. The personnel, involved in activities and procedures that are part of and related to Information Security, is responsible to implement the Policy and the related Procedures in their field of work.
Top management and the personnel are committed to the achievement of the company’s objectives and the adhering to the principles of Information Security.