
Security Management Policy

We protect our information systematically, responsibly, and in compliance with international standards.

The Security Management Policy (the “ISMS Policy”) of TECHNODAT (hereinafter also referred to as “the Company”) is an annex to the ISMS Management directive (see document I5_ISMS_Management).

The Company's senior management is aware of the importance of information security and has therefore established the Company's Information Security Management System (hereinafter also referred to as "ISMS"), published this policy, and committed every employee of the Company to be responsible for its implementation.

 

We implement an information security management system

We have created, documented, implemented, maintained, and continuously improved the ISMS system, processes, and activities.

We implement the ISMS system with the aim of:

  • directing all our activities and processes towards the continuous improvement of the ISMS system;
  • implementing the principles of quality management and risk management, a process and system approach;
  • establishing and maintaining system resilience against failure and the confidentiality, availability, and integrity of information;
  • preventing misuse, disclosure, or destruction of personal data, information, and all information assets;
  • reducing vulnerability to external and internal threats;
  • ensuring support, environment, communication, awareness, knowledge, and documentation;
  • establishing competencies, maximizing motivation, and involving employees in the ISMS system;
  • maintaining compliance with legislative requirements and the requirements of ISO 27001, ISO 27002, and ISO 27003;
  • maintaining compliance with contractual requirements and the expectations of our customers.

The Company's senior management supports the ISMS

The Company's senior management supports the ISMS and is committed to:

  • implementing the ISMS as part of the Company's strategic direction;
  • supporting and delegating responsibility and independence to ISMS Auditors, the ISMS Committee, the ISMS Manager, and the ISMS Architect, who ensure the professional management of the ISMS;
  • ensuring the availability of resources and conditions for achieving ISMS performance;
  • ensuring the support and implementation of all processes to achieve an effective ISMS;
  • providing independence for internal audits and addressing the findings of internal auditors;
  • consistently and effectively implementing measures for risks, opportunities, and incidents;
  • supporting continuous improvement of the ISMS and resilience of information systems.

Increasing information security and system resilience

We implement measures to increase information security and system resilience:

  • information security maintains the confidentiality, integrity, and availability of information by applying a risk management process and assures interested parties that risks are adequately reduced;
  • we implement measures to address information security risks and test their effectiveness and significance in terms of their impact on the Company's processes;
  • we define the scope of the ISMS, including its structure, boundaries, and relationships;
  • we establish and enforce the ISMS policy statement;
  • we manage risks:
    • we establish the organization's approach to risk assessment,
    • we identify risks, including the identification of assets and their owners,
    • we establish risk analysis and evaluation,
    • we identify and evaluate options for risk management,
    • we select the objectives of measures and individual measures for risk management,
    • the Company's management agrees with the proposed residual risks and the implementation of the ISMS;
  • we manage security in a systematic and comprehensive manner;
  • we effectively manage investments in the ISMS system;
  • we manage the inventory of our own assets, their valuation, and classification;
  • we manage the elimination or reduction of risks in the area of information systems;
  • we implement systematic approaches to the use of IT/IS;
  • we secure employees and enforce technical measures;
  • we manage access and rights in the ISMS system;
  • we manage and secure assets;
  • we manage and improve cryptography;
  • we manage physical security;
  • we manage operations and daily activities to;
  • we manage supplier relationships and confidentiality;
  • we resolve incidents and establish measures to address them;
  • we strengthen the continuity and resilience of systems and equipment;
  • we raise employee awareness and responsibility when working with information;
  • we comply with legislative, normative, and contractual requirements;
  • we maintain credibility for our partners;
  • we continuously monitor and improve the ISMS system;
  • we maintain competitive advantage, cultivate our image and corporate culture;
  • we raise awareness among employees at all levels and motivate them to perform their activities in a security-conscious manner;
  • we encourage our subcontractors and contractual partners to demonstrate greater security awareness and, through controlled cooperation, we work to increase their awareness of information security.
