This policy is based on ISO 27001:2013 the recognized international standard for information security. The Information Security Policy (hereinafter referred to as the ISMS Policy) of the Smart Solutions Group defines a system of views on the problem of ensuring information security (hereinafter referred to as IS). It is a systematized statement of high-level goals and objectives of protection that must be followed in their activities, as well as the basic principles of building an information security management system (hereinafter referred to as the ISMS) of the Smart Solutions Group (hereinafter referred to as the Company).
The scope of Smart Solutions Group for Information Security Management System is to provide services for Software Development and Service Delivery Streams and use Toolkits and methodologies.
Framework for setting up information security objectives as following:
● Creation of a unified approach to ensuring information security in the Company;
● Determination of IS requirements, the implementation of which is mandatory to ensure the efficiency of the Company's activities and the Company's fulfillment of its obligations to third parties;
● Delimitation of powers and identification of those responsible for ensuring the Company's information security;
● Confirmation of compliance of the Company's ISMS with the requirements of the international standard ISO/IEC 27001:2013.
Smart Solutions Group is committed to:
● Ensure compliance of our activity with the national and international standards, the requirements of the regulatory legal acts and legislation of the Republic of Azerbaijan
● Ensure integrity, confidentiality, availability, and security of our physical and information assets at all times for serving the needs and expectations of our interested parties both within organization and from external parties including clients, suppliers, regulatory, governmental bodies and to provide the necessary resources to achieve this
● Provide the high-quality services to our customers, fully satisfying their requirements by ensuring the most effective and agreed processing level in a satisfactory extent in order to propose the advantageous offers to them
● Implement, maintain and continuously improve the Information Security Management System based on the process approach and risk-based thinking, in accordance with the requirements of international standards
● Ensure the competence and awareness of its employees, their contribution to information security by providing necessary resources, information security training and awareness programs and promote ISMS culture within the organization and community at large
● Learn and continuously improve through reviews and assessments of the performance and results of company activities
● Report, resolve security incidents and suspected vulnerabilities and investigating fully to identify lessons learned and prevent similar events occurring, in accordance with its incident management processes and business continuity plans
● Review and revise this policy periodically as necessary
● Ensure that suppliers and contractors are made aware of, and comply with Smart Solutions Group security requirements
All our employees shall be informed of this ISMS policy and shall endeavor to adhere to and implement the policy guidelines in the course of their work.