The Group has developed and implements an Information Security Management System. To serve the purposes of the Information Security System, the company Management recognises the risks which threat the Security of Information produced in the context of our operations, and provides all required resources, in order to implement an Information Security Management System in accordance with the ISO 27001:2013 international standard.
This policy applies to all systems, people and processes that constitute the Group’s information systems, including board members, directors, employees, suppliers and other third parties who have access to Mellon Group systems, through:
- Protection of resources and information in the context of Company's services, against any threat, whether internal or external, intentional or accidental;
- Systematic evaluation and assessment of risks related to information security, aiming at the proper and timely management thereof;
- Secure development and maintenance procedures for applications, systems, and services;
- Data archiving, avoidance of viruses and external intrusions, system access control, recording of all security-related incidents, and contingency management;
- Continuous briefing of management and staff about all information security-related issues;
- Control of transported and exchanged information and data;
- Protection of Company's interests and interests of all parties who are dealing with it and trust it;
- Immediate and efficient handling of incidents and security breaches;
- Encouraging internal and external communication related to Information Security issues;
- Commitment to strict implementation of the Security Policies and all applicable National and European laws.
The Group is committed to constantly making efforts to improve the Information Security Management System, in order to be able to offer high levels of security to all parties it transacts with.