The Information Security Unit is responsible for the preparation and implementation of Information Security strategy, along with security operations, cyberrisk mitigation and defense, data loss prevention, security architecture, identity and access management, program management and governance.
The Group's Information Security Committee is informed of any issue related to Systems Security. The Group's Information Security Committee consists of two independent members of the Board of Directors with experience in technology, information systems and information security.
FOURLIS Group has never experienced any information security breach.
The Group has an Information Systems Security Policy. The purpose of the policy is to document the general rules established by the Group for the implementation of its Information Security Strategy. These general rules set out in the Information Security Policy are further formalized in the individual policies for each specific topic that have also been established and appear below.
The Group's Information Systems Security Policy includes the following:
- Information Security Management Framework
- Human Resources Security Policy
- Acceptable Use Policy
- Information Classification Policy
- Access Control Policy
- Cryptography Policy
- Physical and Environmental Security Policy
- Operations Security Policy
- Backup Policy
- Network Security Policy
- Systems Acquisition and Development Policy
- Third Party Security Policy
- Information Security Incident Management Policy
- Business Continuity Policy
- Information Security Compliance Policy
The Group has developed an Information Security Management System (ISMS) and is in the process of certification according to the international standard ISO 27001
Read more