Information Security Policy
The policy of GCR JSC is to provide for information security of financial and technical information and data of the Company, customers and third parties in connection with the implementation of the activities included in the scope.
The information security policy aims at developing all activities and processes in a way that ensures the maintenance of information security of the Company in compliance with the following guiding principles:
- Development and maintenance of a secure and reliable IT infrastructure to ensure information availability.
- Regular review of the methods, principles, and mechanisms for information protection, for the needs of the activities in the Company.
- Ensuring the confidentiality of information by building a system of measures for its effective protection against illegal acquisition, modification, destruction, or loss.
- Maintaining up to date procedures, rules, and good practices for information security, ensuring reliability, up-to-dateness and completeness of the information in the management system.
- Timely and adequate response in case of misuse, loss, or unauthorized acquisition of information, as well as in case of disasters and accidents.
- Minimizing the risks to the security of information, causing loss or damage to the work process of the Company.
- Providing qualified personnel for the needs of the information security management system.
- Compliance with applicable regulatory requirements and the requirements of customers and other interested parties relevant to information security.