Why Information Security Policy Is Necessary
- its core and supporting business operations continue to operate with minimal disruptions;
- all information that is used or stored by SoftGamings has absolute integrity and availability;
- all relevant information is managed and stored with appropriate confidentiality procedures in place;
- all organisations’ information assets are protected from all threats, whether internal or external, deliberate or accidental.
Security Policy Information
- Information will be made available with minimal disruption to staff and the public as required by the business process, which means that information and vital services will be available to information users when and where they need them;
- Information will be classified according to the necessary protection levels. This will ensure the protection of valuable or sensitive information from unauthorised disclosure or unavoidable interruptions. Moreover, the confidentiality of information not limited to research, third parties, personal and electronic communications data will be provided;
- Applicable regulatory and legislative requirements will be met. This will ensure that SoftGamings remains compliant to applicable business, national and international laws;
- Information security education, awareness, and training will be made available to staff and relevant external parties. This ensures that the staff is knowledgeable and understands how to use and implement this information security policy, as well as their duties and responsibilities;
- The integrity of information will be maintained. This means that information will be kept intact, while the accuracy and completeness of information will be safeguarded and protected from unauthorised modification;
- A system of reporting will be in place. This means that all breaches of security, actual or suspected, will be reported and investigated by relevant authorities or SoftGamings’ staff;
- An information security system control process shall be in place. This means that appropriate access control will be maintained and information will be protected from unauthorised access;
- An information continuity system will be in place. This means that there are business continuity plans in place that will be used to counteract interruptions of business activities and protect critical business processes from the effects of major failures or disasters.
The management representative is the Head of DevOps and has direct responsibility for designing, planning, implementing, and operating the IS within SoftGamings. He also is involved in writing and/or managing the development of relevant policies, procedures, and guidelines not limited to information security.
The internal auditor is directly responsible for verifying the effectiveness of the IS policy. The IS policy is subject to review.