In connection with the adoption of the Framework Information Security Policy in the JSW S.A. Capital Group and the Personal Data Security Policy in the JSW S.A. Capital Group Entities, taking into account the importance of information resources and the obligation to protect information at the desired level, we have implemented and maintain the Information Security Policy at CLP-B Sp. z o.o.
The main purpose of establishing an Information Security Policy (ISP) is to protect information, ensure the security of data and
information constituting trade secrets, and ensure the continuity of business processes at CLP-B Sp. z o.o.
The policy covers IT, personal, physical and legal security, taking into account the following attributes: confidentiality, integrity and availability of information.
The Information Security Policy Procedure applies to the management system compliant with the PN-EN ISO 9001:2015-10 standard
The policy objectives at CLP-B Sp. z o.o. are implemented by:
- raising employee awareness and engagement in information protection
applying appropriate and proportionate security measures to safeguard IT systems from unauthorized access, physical damage, and malware
estimating the risk of information security loss by conducting periodic information loss risk analysis
following the analysis, developing a course of action and defining the necessary actions to improve the level of information security, as included in the risk management plan
- maintaining and continuously improving the information security management
- ensuring compliance of activities with applicable law