Protection of information and its processing systems is of strategic importance for the Company
in order to achieve its short and long term objectives and at the same time to ensure the
confidentiality of the data of customers receiving its services.
Recognizing the criticality of information and information systems in the execution of its
business operations, TSOMOKOS implements an Information Security Policy with the aim of:
- ensuring the confidentiality, integrity and availability of the information it manages
- ensuring the proper operation of information systems
- the timely response to incidents that may endanger the Company's business operations
- meeting legislative and regulatory requirements
- the continuous improvement of Information Security.
For this purpose the Company:
- defines the organizational structures necessary to monitor issues related to Information
Security
- defines the technical measures to control and restrict access to information and information
systems
- defines the way in which information is classified according to its importance and value
- describes the necessary measures to protect information at the stages of its processing, storage
and circulation
- determines the ways of informing and training the company's employees and partners on
Information Security issues
- identifies the ways of dealing with Information Security incidents
- describes the ways in which the continuity of the Company's business operations is ensured in
the event of malfunctioning of information systems or in the event of disasters.
The Company conducts assessments of Information Security related risks at regular intervals and
takes the necessary measures to address them. It implements a framework for evaluating the
effectiveness of Information Security processes through which performance indicators are
defined, the methodology for measuring them is described and periodic reports are produced
and reviewed by the Management in order to continuously improve the system.
The Information Security Officer is responsible for controlling and monitoring the policies and
procedures related to Information Security and is taking the necessary initiatives to eliminate all
those factors that may compromise the availability, integrity and confidentiality of the
Company's information.
All employees of the Company and its partners with access to the Company's information and
information systems are responsible for complying with the rules of the applicable Information
Security Policy.
Tsomokos is committed to the continuous monitoring and compliance with the regulatory and
legislative framework and to the continuous implementation and improvement of the
effectiveness of the Information Security Management System.