The main theme of the TS EN ISO 27001:2013 Information Security Management System at Icon Systems is to demonstrate that information security management is ensured within the organization in the areas of people, infrastructure, software, hardware, customer information, organizational information, third-party information, and financial resources. It aims to secure risk management, measure the process performance of information security management, and regulate relationships with third parties regarding information security.
In line with this, the purpose of our Information Security Management System (ISMS) policy is to:
1. Protect Icon Systems' information assets against any kind of intentional or unintentional threats, both from within or outside the organization.
2. Ensure the availability of information through business processes as needed, comply with legal requirements, and continuously work towards improvement.
3. Maintain the continuity of the three fundamental elements of the Information Security Management System in all activities conducted.
Specifically, the policy focuses on:
Confidentiality: Preventing unauthorized access to critical information.
Integrity: Demonstrating the accuracy and integrity of information.
Accessibility: Showing that authorized individuals can access information when needed.
The policy also involves ensuring the security of all types of data, not only electronically stored data but also data in written, printed, verbal, and similar formats.
Other key points of the policy include:
This policy reflects the commitment of Icon Systems to maintaining a robust Information Security Management System to protect its assets and ensure the confidentiality, integrity, and availability of information.