The main theme of the TS EN ISO 27001 Information Security Management System (ISMS) is to demonstrate the implementation of information security management within all activities related to the development of information technologies, the establishment and maintenance of IT infrastructures, particularly where third-party data and financial resources are involved.
It also aims to ensure risk management, measure ISMS process performance, and regulate relations with third parties on matters of information security.
Accordingly, the purpose of our ISMS Policy is to:
-
Protect NK Research’s information assets against all kinds of threats, whether internal or external, intentional or accidental.
-
Ensure appropriate access to information as required by business processes.
-
Comply with legal and regulatory requirements.
We are committed to maintaining the continuity of the three core components of the Information Security Management System across all activities:
-
Confidentiality: Prevent unauthorized access to sensitive information.
-
Integrity: Ensure and demonstrate the accuracy and reliability of information.
-
Availability: Ensure authorized access to information when needed.
Our information security focus includes not only data in electronic form but also data in written, printed, verbal, or any other format.
Our commitments include:
-
Providing Information Security training to all personnel to raise awareness.
-
Reporting all actual or suspected information security breaches to the ISMS Team, with investigation led by the ISMS Coordinator.
-
Developing, maintaining, and testing a Business Continuity Plan.
-
Conducting periodic assessments to identify existing risks in information security, and updating and following up on action plans accordingly.
-
Preventing any disputes or conflicts of interest that may arise from contractual relationships.
-
Meeting the business requirements for information accessibility and information systems.