Information Security Policy

Why Information Security Policy Is Necessary

Purpose of the Information Security Policy

The purpose of the Information Security Policy (ISP) is to ensure that:

  • Core and supporting business operations continue with minimal disruption.
  • Information integrity and availability are maintained for all data used or stored by SoftGamings.
  • Confidentiality is ensured through appropriate procedures for managing and storing relevant information.
  • Organizational information assets are protected from threats—internal or external, deliberate or accidental.

Security Policy Information

The information security policy has been approved by the CEO of SoftGamings. The implementation and use of the information security policy ensure that:

  • Information will be made available with minimal disruption to staff and the public as required by the business process, which means that information and vital services will be available to information users when and where they need them;
  • Information will be classified according to the necessary protection levels. This will ensure the protection of valuable or sensitive information from unauthorised disclosure or unavoidable interruptions. Moreover, the confidentiality of information not limited to research, third parties, personal and electronic communications data will be provided;
  • Applicable regulatory and legislative requirements will be met. This will ensure that SoftGamings remains compliant with applicable business, national and international laws;
  • Information security education, awareness, and training will be made available to staff and relevant external parties. This ensures that the staff is knowledgeable and understands how to use and implement this information security policy, as well as their duties and responsibilities;
  • The integrity of information will be maintained. This means that information will be kept intact, while the accuracy and completeness of information will be safeguarded and protected from unauthorised modification;
  • A system of reporting will be in place. This means that all breaches of security, actual or suspected, will be reported and investigated by relevant authorities or SoftGamings’ staff;
  • An information security system control process shall be in place. This means that appropriate access control will be maintained and information will be protected from unauthorised access;
  • An information continuity system will be in place. This means that there are business continuity plans in place that will be used to counteract interruptions of business activities and protect critical business processes from the effects of major failures or disasters.

Responsibilities

All managers are directly responsible for implementing the Information Security Policy within their units, as well as for their staff’s adherence. It is the responsibility of each member of our staff to adhere to this Information Security Policy.

The management representative is the Head of DevOps and has direct responsibility for designing, planning, implementing, and operating the Information Security Policy within SoftGamings. He also is involved in writing and/or managing the development of relevant policies, procedures, and guidelines not limited to information security.

The internal auditor is directly responsible for verifying the effectiveness of the Information Security Policy. The Information Security Policy is subject to review.