The aim of this top-level Policy is to define the purpose, direction, principles, and basic rules for Mainlink UAB (hereafter – Company) information security management.
Purpose - to provide an information security framework for information security assurance at Company to reduce the information security threats risks down to an acceptable risk level and properly manage the intended IS measures.
This Policy applies to Mainlink UAB as defined in the A01 Scope Document.
This Policy applies to all Mainlink employees and third parties who are authorized to access Mainlink information assets.
Declaration of support for management system implementation
Top Management declare that Policy implementation and continual improvement will be supported with adequate resources to achieve all objectives set in this Policy, as well as satisfy all identified requirements by ensuring the compliance with ISO/IEC 27001:2013, ISO 9001:2015 standards requirements and the rules of General Data Protection Act (GDPR) in Europe.
Hereby Top Management declare that management system (hereafter - MS) implementation and continual improvement will be supported with adequate resources to achieve all objectives set in this Policy, as well as satisfy all identified requirements by:
- Ensuring the compliance with ISO/IEC 27001:2013, ISO 9001:2015 standards requirements.
- Ensuring the Policy and the MS objectives are established and are compatible with the strategic direction of the Company.
- Ensuring the integration of MS requirements into the Company’s processes.
- Ensuring the support to achieving compliance with applicable legislation and the contractual terms between Company and clients, also comply with stakeholder requirements.
- Ensuring that the resources needed for the MS are available.
- Communicating the importance of effective MS and of conforming to the MS requirements.
- Ensuring that the MS achieves its intended outcome(s).
- Directing and supporting persons to contribute to the effectiveness of the MS.
- Promoting continual improvement.
- Supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
Policy is classified as a public document and is available to all the Mainlink interested parties.
Policy is constantly reviewed and updated if needed during management review to remain relevant and current.