Apokoronas SA - Kastorias 4

Protecting information and its processing systems is of strategic importance to the Company in order to achieve its short-term and long-term goals and at the same time to ensure the confidentiality of the data of customers who receive its services.

Recognizing the criticality of information and information systems in the performance of its business functions, Okstasoft SA implements Information Security Policy with the aim of:
1) Ensuring the confidentiality, integrity and availability of the information it manages
2) ensuring the proper functioning of information systems
3) the timely handling of incidents that may jeopardize the Company's business operations
4) the satisfaction of legislative and regulatory requirements
5) continuous improvement of the Information Security level.

For this purpose:
1) define the organizational structures necessary for monitoring issues related to Information Security
2) the technical measures for control and restriction of access to information and information systems are defined
3) the way of grading the information is determined according to their importance and value
4) describe the necessary actions to protect information during the stages of their processing, storage and handling
5) the ways of informing and training the employees and the collaborators of the Company in matters of Information Security are determined.
6) the ways of dealing with Information Security incidents are determined
7) describe the ways in which the safe continuity of the Company's operational functions is ensured in case of malfunction of information systems or in cases of disasters.

The Company makes estimates of the risks associated with Information Security at regular intervals and takes the necessary measures to address them. It implements a framework for evaluating the effectiveness of Information Security procedures through which performance indicators are determined, their measurement methodology is described and periodic reports are produced which are reviewed by the Management in order to continuously improve the system.

The Information Security Officer is responsible for monitoring the policies and procedures related to Information Security and taking the necessary initiatives to eliminate all those factors that may jeopardize the availability, integrity and confidentiality of the company's data.

All the employees of the Company and its associates with access to information and information systems of the Company, have the responsibility of following the rules of the applied Information Security Policy.

Oktasoft is committed to the uninterrupted monitoring and compliance with the regulatory and legislative framework and to the continuous implementation and improvement of the effectiveness of the Information Security Management System.