Quality and Information Security Policy
GENERAL INFORMATION
SYBRAXIS is active in the fields of financial & tax services to companies, state agencies and private individuals.
The company's overall policy in the fields of Quality & Information Security of the services it provides to its clients is expressed through the principles and beliefs of Management in these fields, provides guidance to executives in their administration, and is aligned with the overall strategic direction of SYBRAXIS.
QUALITY AND INFORMATION SECURITY POLICY
This statement expresses the policy adhered to by SYBRAXIS for the development, application and continual improvement of an Integrated Management System for the Quality of Services and Information Security that satisfies the requirements of the ISO 9001:2015 and ISO 27001:2013 standards.
Our policy for the Integrated Management System (QISMS) is based on the fundamental principles of measurement and programming, and our commitment to continual improvement in the fields of Quality of Services and Information Security. This is achieved through setting, applying and revising goals, which are documented and monitored within the company, in the context of continually improving our services, according to the commitment undertaken by Management.
Furthermore, we continuously re-examine the suitability of our integrated management system, our procedures, our working methods and potential risks, combined with the requirements and expectations of our clients, our employees and any person or agency interested in the company, in order to ensure that our overall system is suitable for the nature, scale and impact of the services provided by the company.
More specifically, SYBRAXIS is committed to:
- Meeting or exceeding its clients’ expectations as regards its Quality of Services and Information Security;
- Complying with all legislation concerning Quality under the ISO 9001:2015 standard and Information Security under the ISO 27001:2013 standard, as well all other legal and regulatory requirements;
- Maintaining good business and mutually profitable relations with clients, associates, suppliers and other stakeholders;
- Safeguarding and Maintaining the ability of all Company employees at the level required in order to be able to identify and perform the contractual, legal and other requirements of the Company regarding its Quality of Services and Information Security;
- Applying special processes for the control, effectiveness and continual improvement of all existing and new services the Company can provide;
- Adopting an integrated, process-centric approach to providing services effectively and covering its clients’ requirements;
- Ensuring that decisions on information security are made on the basis of risk assessments of all company processes and relevant assets, taking account of preserving the integrity, availability and confidentiality of the information;
- Managing security incidents in an effective manner in order to minimize their impact;
- Ensuring the Company’s continued ability to meet its contractual commitments through appropriate business continuity plans;
- Ensuring that operations are not disrupted when responding to a security incident;
- Improving the Quality and Information Security Management System on a continual basis;
- Disclosing this policy to its staff, to individuals or to other agencies working under its control, as well as other stakeholders, as applicable.
This Policy Statement of SYBRAXIS is re-examined by Management on an annual basis.
S. MAKRYNIOTIS HEAD OF QUALITY MANAGEMENT
S. MAKRYNIOTIS HEAD OF INFORMATION SECURITY MANAGEMENT