The value of information goes beyond written words, numbers and images. Knowledge, concepts, ideas and brands are intangible forms of information. In an interconnected world, information and related processes, systems, networks and personnel involved in their operation, handling and protection are assets, which like other important business assets are valuable to an organization’s business and consequently deserve or require protection against various hazards.
Assets are subject to both deliberate and accidental threats while the related processes, systems, networks and people have inherent vulnerabilities. Changes to business processes and systems or other external changes (such as new laws and regulations) may create new information security risks. Therefore, given the multitude of ways in which threats could take advantage of vulnerabilities to harm the organization, information security risks are always present. Expleo Solutions Limited believes that effective Information Security reduces these risks by protecting the organization against threats and vulnerabilities and reduces impact to its assets.
Information Security at Expleo Solutions Limited is achieved by implementing a suitable set of controls, including policies, processes, procedures, organizational structures, software and hardware functions. These controls are established, implemented, monitored, reviewed and improved to ensure that the specific security and business objectives of the organization are met.
Expleo Solutions Limited adopted ISO 27001, an International Standard for establishing, implementing, maintaining and continually improving an Information Security Management System. The adoption of an Information Security Management System is a strategic decision for an organization. The establishment and implementation of an organization’s Information Security Management System is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization. The Information Security Management System implemented at Expleo Solutions Limited preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.
At Expleo Solutions, the Information Security Management System is a part of the organization’s processes and is integrated with the overall management structure and Information Security is considered in the design of processes, information systems and controls.