Information security policy

Serpentarius Software Ltd. is active in the field of information technology, where the level of information security is considered a fundamental quality parameter of the services provided. The activities of Serpentarius Software Ltd. are software development, hosting services, information technology consulting, license sales and other IT services.

By operating an information security management system, we achieve the objective of increasing and maintaining a high level of information security for all the company's activities. We ensure the confidentiality, authenticity, integrity, integrity and availability of the data managed and processed by the organisation. By operating an information security management system and maintaining the ISO IEC/27001:2023 certification, we make the organisation's efforts and achievements in this direction visible to existing and potential customers.

In addition, by operating the information security management system, the management of the organisation aims to achieve the following objectives:

• Identify the current external and internal information security expectations that stakeholders have of the organisation.
• Current risks to information security are identified and, where necessary, an appropriate risk management plan is developed, implemented and monitored.
• Procedures for information security should be documented, implemented and trained for employees. Compliance with procedures is monitored, their effectiveness is measured and the information security management system is continuously improved based on the results.
• The organisation should be able to function effectively, even in long-term, full-time teleworking.

In order to achieve the above objectives, the management of the organisation is committed to ensuring that the requirements of the information security management system are embedded in the organisation's processes and that the necessary resources are available. The management of the organisation shall communicate the importance of information security on an ongoing basis and promote continuous improvement to ensure that the information security management system achieves the expected results.