Information Security Policy

Information Security Policy of Innnes

Innnes has a clear information security policy that describes Innnes' priorities and goals in protecting, preserving, and handling all information assets and valuables of the company, and thus, ensures compliance with laws and regulations concerning its operations. The ISO27001:2002 standard for information security management systems is used as a basis for ensuring that Innnes’ information security is adequate and secure. 

The objectives of Innnes’ information security policy are as follows: 

• To ensure the security of information assets and systems owned or held by the company in terms of confidentiality, use, availability, accuracy, modification, transfer, or destruction. 

• To ensure continuous operations and minimize operational risk. 

• To protect information assets against unauthorized access and prevent misuse, disclosure, or loss of important or sensitive information. 

• Access to personal data and information is in accordance with applicable laws, regulations, and policies. 

• Physical security is always adequate, such as access to premises, equipment, or workplaces. 

• To work on continuous improvements in the information security environment and to conduct regular risk assessments to determine whether improvements are needed. 

• To implement procedures and policies relating to information security and ensure that employees and other relevant stakeholders follow them.