This Information Security Policy demonstrates the direction and commitment of MERA RS to information security in order to protect its own information assets and those provided to the MERA RS by partner organizations/third parties.
We will develop and maintain an effective documented ISMS based on the requirements of ISO IEC 27001:2013, to ensure that we have a documented method of control that protects MERA RS, its customers and stakeholders.
It is our policy to ensure that:
• Information belonging to Mera RS, our customers and partners will be protected against unauthorized access
• Confidentiality, integrity and availability of information belonging to Mera RS, our customers and partners will be assured
• Needs and expectations of all interested parties will be met
• All customer requirements related to information security will be met
• Regulatory and legislative requirements will be met
• Business Continuity plans will be produced, maintained and tested to ensure uninterrupted performance of business processes
• Information security training including final examination will be obligatory for all employees
• All breaches of information security, actual or suspected, will be reported to and investigated by the Information Security Representatives
• Risks related to information security will be identified, rated, and measures taken to reduce or eliminate them.
• ISMS will be constantly monitored by means of appropriate measurements calculation and analysis, internal audits and management review, and ISMS will be constantly improved.
This policy applies to:
• All MERA RS owned information and information provided to the MERA RS by customers and stakeholders
• All information in any form – paper, electronic, audio, CD
• All systems, applications and infrastructure used to process information
• All MERA RS employees
• Third parties with access to MERA RS information assets
• All buildings used by the MERA RS that house information assets or from where employees access information assets.
The present policy shall be communicated to all employees of Mera.RS via: mail and EMS.