Information Security Policy
2016 – 2019
Management statement
Skrivanek is the leading provider of language services in the field of translations and interpreting including localizations, DTP services and language courses in the Czech Republic and another 13 countries throughout the world. The Skrivanek Group management proclaimed this Information Security Policy as a framework for the company direction in the field of information security. The aim of the management is to support the set goals and principles covered herein.
Policy goals
Our overriding goal is to assure the privacy, integrity and availability of our own as well as customer data in order to allow for a trouble-free and fluent realization of our business activities. By means of this policy we declare to our business partners, employees, public and state administration and general public that the whole Skrivanek Group is ready to efficiently protect information as well as the tangible and intangible assets we manage in accordance with the legislative requirements applicable in countries of our business presence and our security regulations.
To enforce this policy the company implemented the information security management system pursuant to ISO/IEC 27001:2013.
Information security principles
We are obliged to:
- Abide by and meet the legislative regulations in the field of information security applicable in all countries where the Skrivanek Group conducts its business,
- Assure the availability of information at times and in places as required by the company, but only for those who need the information for its work activities, thus keeping the required level of secrecy based on the relevant categories of information – public, internal, confidential, personal,
- Manage the integrity and lifetime of information from the moment of its origination, through its distribution and use until its disposal,
- Educate and develop our employees, suppliers and partners in the field of information security,
- Consider a breach of the information security policy as a serious breach of the internal regulations and contractual relations,
- Determine the adopted security measures on the basis of risk severity principles, based on potential impacts as well as costs for implementation,
- Improve the efficiency of the information security system by regular monitoring and reviewing of risks, as well as by management of security issues and incidents through corrective and preventive actions.
This policy shall be binding for all employees of the Skrivanek Group.
Prague, 1 January 2016