Integrated management system policy

  1. To continuously improve information security, the quality of our processes and environmental care, we will follow the applicable standards of ČSN EN ISO 27001, ČSN EN ISO 9001 and ČSN EN ISO 14001 for each activity.
  2. Management will regularly set and evaluate appropriate IMS objectives and programs.
  3. For each activity, we will comply with all legal, normative and regulatory requirements and the requirements of our customers and partners, as well as requirements to which we voluntarily commit.
  4. We owe it to our customers to improve what we do and how we do it. Their feedback and satisfaction is crucial to us and we will continually collect and evaluate it.
  5. The quality of our suppliers influences the quality of our products and services, so we are committed to developing cooperation and to regularly evaluating and selecting our suppliers.
  6. A responsible company creates products that help their users not only to work better, but also to behave more responsibly. Thus, we can contribute to environmental sustainability not only by how we behave, but especially by how we positively influence the behavior of our customers.
  7. We are an open company and will always consider any opinion or idea that could contribute to better information security, the quality of our processes or to reducing our environmental impact.
  8. The information we manage is critical to the operation and credibility of our company and the way we work with our customers and partners. Our company is responsible for protecting it against loss or misuse and therefore considers it essential to ensure the security of its data and that of its customers and to give it the utmost attention.
  9. Information security is an equal and inseparable part of the IMS. It is organized and managed in accordance with the IMS and applicable legislation. The company's management is committed to implementing all security measures aimed at meeting information security objectives and principles.
  10. All access rights are governed by the following information access policy:
    • Each employee shall have access only to the information he/she needs to perform his/her job.
    • The assignment of access rights shall be determined by the employee's supervisor within the scope of his/her authority.
    • Any access rights that is no longer needed to perform the job is immediately removed.
    • Remote access is permitted only to the extent necessary to perform the job. The employee is required to follow established procedures and maintain heightened security.
    • The setup of all network services must honor the "What is not allowed is forbidden" policy.
  11. We all will follow defined work procedures, raise any inconsistencies or risks, make suggestions for improvements, verify proposed solutions and put them into practice.

Last updated: 12 December 2022