Information Security Management in VDOO
VDOO Management is committed to ensure that VDOO activities are executed with the highest regard for data security and quality and to define quality targets and information security objectives that will be in line with the ISMS policy and the ISO27001:2013 Standard. Arrangements to achieve this are stated in the Company’s and ISMS Policy, including the following principles:
Compliance with laws, orders and regulations and contract demands applicable to the product's information integrity and security, as well as any applicable legislative demand regarding the final product and its production processes.
Compliance with interest holders' requirements.
Continuous reduction and prevention of risks to the confidentiality and integrity of the information by highlighting the importance of security as an enabling mechanism for information sharing.
Mapping and managing the risks by conducting a periodical risk assessment and a risk reduction program according to its findings.
The management will define its security and quality education, training, and awareness requirements and assign resources for its full operation.
The management will create a business continuity management document and will assign resources and processes to achieve its fulfillment.
Continual monitoring of provision of service and security.
Effective and efficient execution of processes at a professional level, striving for excellence and continuous improvement of the effectiveness.
Full coordination with the security requirements of the customer and to its satisfaction. Initiating Management Surveys and determination of annual objectives for improving the information security system, its adaptation and its efficiency.
Ensuring the availability of necessary resources for management and control of the security system and training of human resources in regard.
Continuous improvement of the IT & security processes.