Information Security policy
Information management is a critical factor in business success of the AVISTO Eastern Europe. How information is acquired, processed and shared, defines major components of our company’s core activities. This requires effective information security management to ensure the confidentiality, integrity and availability of the all information we deal with.
This information security policy presents our approach to information security management. It provides the framework for defining information security objectives, risk management and describing the responsibilities necessary to safeguard the security of the AVISTO Eastern Europe’s information.
To ensure information security, AVISTO Eastern Europe is committed to the implementation and effective maintenance of Information Security Management System in accordance with the requirements of ISO/IEC 27001:2013 standard.
The management of AVISTO Eastern Europe demonstrates this commitment by allocating appropriate resources to this end and by striving to continually improve our information security practices. AVISTO Eastern Europe invests in the development of the key resource – the employees, thus ensuring their awareness of information security and adherence to ISMS policies.
AVISTO Eastern Europe is also highly committed to preserving the confidentiality, integrity and availability of documentation and information provided by, created by and held on behalf of third parties, as part of the project realization.
These commitments are made in the recognition that adherence to these principles is consistent with the core values of AVISTO Eastern Europe and critical to its business and compliance with legal, regulatory and contractual requirements.
By complying with these obligations, requirements and codes of business, through synergy and trust, we are building success and proving that we are a reliable business partner.