Menu
  • ABOUT US
  • SOLUTIONS
  • INDUSTRIES
  • INNOVATION
    • QuantiDOS
  • CONSULTING
  • PARTNERSHIPS
  • TALENT
  • ABOUT US
  • SOLUTIONS
  • INDUSTRIES
  • INNOVATION
    • QuantiDOS
  • CONSULTING
  • PARTNERSHIPS
  • TALENT
CONTACT

Integrated Management System Information Security Policy

1 Introduction

IKNOWHOW SA recognizes the importance of information security in ensuring the confidentiality, integrity, and availability of information assets entrusted to us by our clients, partners, and employees. This Information Security Policy outlines our commitment to establishing, implementing, and maintaining effective information security practices by ISO/IEC 27001:2022.

2  Scope

This Information Security Policy applies to all aspects of IKNOWHOW ‘s operations, including the design, development, customization, implementation, maintenance, and support of information and geographical information systems, as well as consulting services in implementing information systems.

3 Information Security Objectives

3.1 – Confidentiality

We are committed to protecting sensitive and confidential information from unauthorized access, disclosure, or misuse through the implementation of access controls, encryption, and other appropriate measures.

3.2 – Integrity

We strive to maintain the accuracy, completeness, and reliability of information assets by implementing controls to prevent unauthorized modification, deletion, or corruption.

3.3 – Availability

We ensure the availability of information systems and services to support business operations and customer requirements by implementing measures to prevent and mitigate disruptions, including redundancy, backup, and disaster recovery plans.

3.4 Compliance

We are dedicated to complying with all relevant legal, regulatory, and contractual requirements related to information security and privacy, including GDPR, NIS2, ΕΚΒΑ, and other applicable regulations.

3.5  Continuous Improvement

We foster a culture of continuous improvement, innovation, and learning to enhance our information security posture, identify and mitigate emerging threats and vulnerabilities, and adapt to changing business needs and technological advancements.

4 Information Security Responsibilities

4.1 Management

Top management is responsible for establishing, implementing, and maintaining an Integrated Management System (IMS), providing necessary resources, and demonstrating leadership in promoting a culture of security awareness and vigilance.

4.2  – Chief Information Security Officer (CISO)

Top management has assigned the role of Chief Information Security Officer to a competent person who is responsible for overseeing the implementation of the IMS, conducting risk assessments, coordinating security activities, and ensuring compliance with ISO/IEC 27001:2022 requirements.

4.3  Employees

All employees are responsible for adhering to information security policies, procedures, and guidelines, reporting security incidents promptly, and actively participating in security awareness training and education programs.

5  Information Security Controls

IKNOWHOW implements a comprehensive set of information security controls to protect information assets from threats and vulnerabilities. These controls include but are not limited to:

  • Access Control
  • Encryption
  • Authentication and Authorization
  • Network Security
  • Data Backup and Recovery
  • Incident Response and Management
  • Security Awareness Training
  • Vendor Management

6  Compliance

IKNOWHOW is committed to complying with all relevant legal, regulatory, and contractual requirements related to information security and privacy. This includes but is not limited to GDPR, NIS2, ΕΚΒΑ, and other applicable regulations.

7 Training and Awareness

We provide regular training and awareness programs to our employees to enhance their understanding of information security risks, threats, and best practices, and to ensure compliance with information security policies and procedures.

8 Monitoring and Review

We regularly monitor, review, and evaluate our information security controls, practices, and incidents to identify areas for improvement, address emerging threats and vulnerabilities, and ensure ongoing compliance with ISO/IEC 27001:2022 requirements.

9 Policy Review and Updates

This Information Security Policy will be periodically reviewed and updated as necessary to reflect changes in business operations, technology, regulatory requirements, and emerging threats, ensuring its continued suitability and effectiveness.

10 Policy Communication

This Information Security Policy will be communicated to all employees, contractors, vendors, and partners and made available through the company’s intranet or other relevant channels to ensure awareness, understanding, and commitment to its principles and objectives.

11 Document information:

Security Classification: Public
Document Name: Information Security Policy
Document Number: ISMS-01
Current Version Number: 2.0
Date: 19/5/2025
State: Final
Prepared by:
Reviewed by:
Approved by:

 

12 Revision history

Version Date Description Reviewer
2.0 19/5/2025 Version 2.0

 

Approval signature

FOTOPOULOU AIKATERINI CEO

GET IN TOUCH

info@iknowhow.com
+30 2106041425
340 Kifisias Avenue, 15451, Athens
134 Peiraios Avenue, 11854, Athens
Linkedin
Integrated Management System Environmental Policy
Integrated Management System Quality Policy
Integrated Management System Information Security Policy

Copyright 2024 | Official Website I KNOW HOW S.A | All Rights Reserved

BACK TO TOP