Information Security Policy
ISD Design Company Ltd. operating under the trademark of SOLVVE (hereinafter ‘SOLVVE’, ‘we’ or the ‘Company’) has established a goal to meet the requirements of the Company’s current and future Clients by developing software that is high-tech, secure, reliable, and aligned with end-users’ expectations by design. The Company maintains a strong focus on ensuring information security throughout the process of development, delivery, and maintenance of any products or services provided by SOLVVE.
To achieve this, the Company focuses on continuous innovation and growth by the means of implementation, maintenance, and improvement of the Company’s information security management system (hereinafter, ‘ISMS’) in accordance with ISO/IEC 27001:2013.
The proper functioning of the ISMS is ensured by a thorough set of security policies covering areas of information security, physical security, incident response, logical access, change management, vulnerability management, risk management and support. These policies are reviewed and approved at least annually. The Company’s staff shall be promptly notified of any updates to these policies.
To implement this Information Security Policy, the Company commits to the following actions:
- Ensure the highest possible levels of security throughout the development lifecycle of any products we develop for our Clients.
- Protect the Company’s information from external and internal threats, by ensuring an appropriate level of confidentiality, integrity, and availability of all assets associated with information and information processing facilities, including:
- the Company’s business processes;
- information owned by the Company;
- information owned by the Company’s Clients and Partners that is created, received, stored, transmitted or processed using the Company’s resources;
- intellectual property assets owned by the Company;
- intellectual property assets delivered to the Client by the Company;
- intellectual property assets owned by the Client and stored on the Company’s information resources;
- the network and server infrastructure of the Company;
- the software and hardware systems and services owned by the Company;
- property, plant and equipment of the Company.
The Company’s top management is fully responsible for the implementation of the Information Security Policy and makes a commitment to ensure maintenance and continual improvement of the Information Security Management System in compliance with the requirements of ISO/IEC 27001:2013 and the information security requirements of the Clients. All staff members at SOLVVE are obligated to understand the requirements of the ISMS and follow these requirements in their work.