VATEBRA ISMS POLICY STATEMENT
Vertebra is committed to ensuring the security of its business (clients, employees, partners and shareholders) in the face of security breaches and unwanted events that could lead to undesired disruptions.
The organisation has implemented a formal Information Security Management System (ISMS) that is compliant with ISO/IEC 27001:2013, the international standard for information security which outlines the organisation’s high-level policy objectives and commitment to implement good information risk and information security practices. The ISMS is a systematic approach to managing and securing information assets.
The purpose of this document is to define an overall policy with regard to information security that is appropriate to the purpose of Vertebra and includes:
• A framework for setting information security objectives
• A commitment to satisfying applicable requirements
• A commitment to continual improvement of the ISMS
ISMS Policy Objectives
Vertebra commits to complying with legal and other requirements and ensuring that identified critical business functions are always available.
• Objective 1 – Provide 100% assurance of information systems resilience
• Objective 2 – Improve security-awareness culture by 90%
• Objective 3 – Protect 100% of client confidential information.
• Objective 4 – Protect all critical information assets and critical business processes relative to Vatebra’s core business
The realisation of these objectives will be directed through the organisation’s Information Security Management System (ISMS). Vertebra Management acknowledges the need for continual improvement and has introduced various methods to ensure the effectiveness and continual improvement of the processes are achieved. The review of the Information Security Policy and related documents shall be performed at least on an annual basis or when significant changes occur to ensure suitability, adequacy, and effectiveness of the ISMS.