The Information Security Policy is based on the ISO/IEC 27002:2013 implementation guidance for the British Standard for Information Security ISO/IEC 27001:2013 controls.
Acunetix is committed to the development and maintenance of an Information Security Management System based upon the International Standard the Company has developed this Information Security Policy to:
- Provide direction and support for information security in accordance with business requirements, regulations and legal requirements.
- State the responsibilities of staff, partners, contractors and any other individual or organization having access to the Company’s information assets.
- State management intent to support the goals and principles of security in line with business strategy and objectives.
- Provide a framework by which the confidentiality, integrity and availability of the Company’s information assets can be maintained.
- Optimize the management of risks, by preventing and minimizing the impact of Information Security incidents.
- Ensure that all breaches of information security are reported, investigated and appropriate action taken where required.
- Ensure that supporting ISMS policies and procedures are regularly reviewed and continual improvement is maintained to ensure progressive good working practices and procedures.
- Ensure information security requirements are regularly communicated to all relevant parties.