SOLV information Security Policy defines the fundamental principles for the
protection of SOLV’s information assets and resources, the proper controls
needed to ensure compliance with internal policies and external regulations,
and to uphold SOLV’s reputation with its clients. All SOLV employees are
responsible for ensuring compliance with this policy to ensure that
confidentiality, integrity and availability of information related to SOLV
is not compromised. This shall be achieved by:
- Establishing and maintaining an Information Security Program consisting of an Information Security Policy document, supporting Procedures and a Risk Management Framework.
- Ensuring that policies and related procedures align themselves to the Risk Management Framework
- Deploying appropriate technology, resources and infrastructure at SOLV to provide the required level of protection.
- Educating and ensuring employees, affiliates and contracted third-parties of SOLV are aware of the information security policy, its supporting normative standards, and guidelines.
- Enabling access to information and information technology resources in a controlled, monitored, and authorized manner as per the job function and on a need-to-know and need-to-perform criteria.
- Improving the effectiveness of the Information Security program by performing constant monitoring, review, exception-reporting and taking appropriate corrective and preventive actions.
- Ensuring that compliance violations are documented, reported and investigated.
- Creating and maintaining a security conscious culture within the organization.
- Integrating information security management system requirements into organization’s processes.
- Continuity of Information Security during BCP scenarios.