POLICY FOR INFORMA TION SECURITY MANAGEMENT
The aim of AEP Ticketing solutions is to do everything reasonably possible to ensure maximum security of the infarmation and data in its possession. The Company considers the regulatory and legai requirements far information and data security as minimum standards and with maintain an active culture of their security with a strong commitment using the indications of the ISO 27001 standard as a reference and through the continuous development of ever better systems.
lt is the responsibility of the Organization to verify that everything reasonably possib/e is put in piace to protect infarmation and data through:
- the deve/opment of the culture of each worker about the importance of information and data security;
- the maintenance of safe structures;
- carrying out the risk assessment of the activities and implementing the necessary actions to reduce these risks to the Jowest possible level;
- the execution of checks aimed at maintaining compliance with the security requirements set by the regulations and company procedures.
Management is responsible far ensuring that the security requirements are met and has full support from the Company’s CEO to achieve this goal.
lt is the responsibility and obligation of each employee to collaborate and contribute to the implementation of our policy in the fol/owing ways:
- comply with company procedures aimed at ensuring that the company’s information and data assets are protected;
- disseminate their skills and experiences to colleagues and collaborators;
- notify incidents and collaborate in the search far possible protection improvements;
- improve the necessary skills by participating in specific training courses;
All legai and regulatory requirements far their updating and taking charge will be monitored.
Since the security of information and data is an incalculable asse! of the Company, it is an integrai part of our business and therefare high standards far the management of their security will be pursued with the same vigor as the other management objectives.