The purpose of the Information Security Policy is to ensure and protect the information assets of Sion Gard Ltd. and its clients from all threats, whether internal or external, accidental or intentional, through the establishment, implementation, execution, monitoring, review, maintenance, and improvement of the Information Security Management System (ISMS) in the area of:

• Physical security of individuals, property, and business operations,
• Technical security with a control and operational center,
• Fire protection,
• Protection of your valuables and securities, both on-site and in transit,
• Training and education for security service operations,
• Intellectual services related to security (in terms of risk assessment).

The Information Security Policy ensures and guarantees:

• Continuous availability of information to users, where they have assigned access rights,
• Access to services and information is granted after user authentication,
• Information is protected from unauthorized access, unauthorized users of applications and systems,
• The integrity of information is maintained by protecting against unauthorized modifications,
• Servers and other equipment are located in a secure area with strict access control and log monitoring, for the physical protection of documents and information resources,
• Secured redundancy of equipment to ensure continuous system availability,
• Regular data backups on the information system,
• Compliance of operations with legal requirements for information security,
• Protection of private information,
• Information security training for all employees,
• All violations of secure information handling will be documented and investigated.

All employees are responsible for the implementation of the information security policy and must support the managers who have established the policy and rules.

The purpose of the information security policy in the organization Sion Gard Ltd. is as follows:

• To identify phenomena that may pose risks to assets and determine vulnerabilities and potential causes of incidents that could lead to harmful consequences at Sion Gard Ltd.
• To manage risks at an acceptable level through the design, implementation, and maintenance of the ISMS (Information Security Management System).
• To ensure compliance with contractual obligations as well as relevant legal regulations.
• To be in accordance with all instructions of Sion Gard Ltd.
• To ensure operations are in compliance with the ISO/IEC 27001:2014 standard.
• To ensure that the ISO/IEC 27001:2014 certification is achieved and maintained.