Information Security Policy

Information Security Policy

Broker Systems recognizes the need to safeguard the information in its possession or under its control as well as the obligation to comply with the Greek and European legal and regulatory framework.

The Security Policy is the framework for the protection of data managed by Broker Systems, providing guidance to the Company on how to organize and process information. The Security Policy consists of a set of rules that define how Broker Systems manages and protects its Information Assets. These rules define the role of each person involved within Broker Systems, their responsibilities and duties.

The purpose of the Security Policy is the safe, reliable and uninterrupted provision of services and products to end customers or collaborating parties. The aim of the Security Policy is to establish a framework of general guidelines for the protection of Broker Systems’ information, the implementation of which ensures an acceptable level of Security for the company in relation to its risk profile.

In addition, the aim of the policy is to place restrictions on the access and use of computers, information systems, networks, means of electronic communication and other relevant information means used for the storage and processing of data, documents and software that Broker Systems owns and uses with the ultimate goal of ensuring the availability, integrity and confidentiality of information and information goods.

The primary objectives of security policy are also:

  • The protection of Broker Systems’ information.
  • Ensuring the trust of Broker Systems' clients.
  • To ensure compatibility with the Greek Legislative and Institutional Framework (Greek legislation).
  • The determination of the level and security requirements of the company.
  • The establishment of mechanisms that support the identification and prevention of threats to Broker Systems’ information and the effective response of the company when threats materialize.
  • The definition of the roles and responsibilities of the members of the company, in order to achieve the protection of information and information assets.
  • To increase awareness of the risks involved in the company's information and information systems.

For this reason, Broker Systems takes the necessary measures at a technical and organizational level in order to ensure the integrity, availability and confidentiality of the information it processes. At the same time, it implements policies and procedures in the following context:

  • Define the organizational structures necessary to monitor issues related to Information Security.
  • The technical measures for controlling and restricting access to information and information systems are defined.
  • The manner in which information is to be classified according to its importance and value shall be determined.
  • The necessary actions for the protection of information during the processing, storage and handling stages are described.
  • The ways of informing and training the Company's employees and associates on Information Security issues are determined.
  • Identify ways to deal with Information Security incidents.
  • The ways in which the safe continuity of the Company's business operations is ensured in cases of malfunction of information systems or in cases of disasters are described.

All of Broker Systems’ employees and its associates with access to information and information systems of the Company, are responsible for complying with the rules of the applicable Information Security Policy.