Security Policy ISO 27001
Purpose & Scope
This policy applies to all BSafe Group operations in Belgium, Europe, Asia, the USA and other international locations. It sets out our commitment to protecting the company’s information assets, physical infrastructure and personnel from security threats in line with ISO 27001 requirements. The scope covers all employees, contractors, suppliers and stakeholders who access or manage BSafe Group’s information systems or facilities.
Policy statement
BSafe Group is committed to establishing and maintaining an Information Security Management System (ISMS) that ensures confidentiality, integrity and availability of information. We will protect against unauthorised access, disclosure, alteration and destruction of data and we will maintain robust physical, network and operational security measures.
Objectives
3.1 Prevent unauthorised access to information systems and sensitive data.
3.2 Provide regular staff training on cybersecurity, data protection and physical security protocols.
3.3 Implement and test incident response and disaster recovery plans.
3.4 Safeguard client, employee and company intellectual property.
3.5 Maintain compliance with applicable data protection laws and ISO 27001 standards.
Responsibilities
- Management: Allocate resources, enforce security controls and monitor performance.
- IT & Security Teams: Manage access controls, system monitoring and threat detection.
- Employees: Adhere to security procedures, report incidents promptly and protect company devices and data.
Review
This policy will be reviewed annually or following significant security incidents, technological advancements, or regulatory changes, ensuring continual improvement of our ISMS and overall security posture.
