Information security and quality policy
Our quality policy aims at: providing an individually tailored approach for each client; ensuring a team with the professional qualification and experience necessary for meeting each client’s requirements; providing professional services at reasonable and realistic prices.
The mission of Chronika is to be acknowledged as an organization performing high quality services by adding value to the activity of each client and as a reliable partner of foreign companies based in Bulgaria.
Chronika strictly selects and develops its experts in order to meet the highest requirements for professionalism and quality of the services provided.
The Management is committed to satisfy the requirements and to constantly improve the efficiency of the quality management system. The organization has introduced clear procedures and approaches for provision of services as well as constant update of the service portfolio thus fully meeting the market needs and requirements.
The Management is committed to review at least once a year the policy in order to ensure its full adequacy.
INFORMATION SECURITY POLICY
‘Chronika’ ООD is a company, providing services related to commercial and confidential information of clients as well as to personal data of their employees. ‘Chronika’ aims at being a reliable partner for its clients.
Building up mutual trust is an issue of high importance for the development of the company. In addition to the employees, knowledge and information security are among Chronika’s most valuable assets.
The current information security policy sets the framework of a system of measures, which aims at:
- Safeguarding the confidentiality of information (corporate and clients’) by applying approved limitations to the access and to thedisclosure of information;
- Ensuring the integrity of information by protecting unauthorized amendments or destruction of information;
- Ensuring accessibility to the information by providing a reliable and prompt access to it;
- Achieving information accountability by establishing control over the access and the rights upon the information resources.
The Management considers it is its priority to take full responsibility for establishing and applying an Information Security Management System (ISMS) in order to achieve the aims of the company and provide a high level of security to the company’s clients and partners.
The purpose of the information security policies is:
- To determine the necessary requirements for protection of the information assets of ‘Chronika’ OOD by providing a balance of efficiency, rationality and adequacy of the security level;
- To provide continuity of the business processes;
- To minimize the the information security risks, causing losses or damages to ‘Chronika’, its clients, partners and other concerned parties;
- To minimize the level of losses and damages,caused by breakthrough in the information security;
- To ensure conformity with regulatory and professional requirements for confidentiality;
- Protection of data and inviolability of personal information;
- Protection of commercial information and intellectual property rights (knowhow) of clients and the organization.
The security policy is applied in respect to:
- Information in all possible forms, including electronical and paper, as well as to the process of exchanging this business information;
- All computer systems, separate and/or connected through a network, which are possessed by ‘Chronika’ or serviced by third parties in favour of ‘Chronika’, including all premises, in which information systems are stored and serviced;
- All computer operating systems and applied software, used by ’Chronika’ regardless of their origin;
- All staff members of ‘Chronika’, trainees, consultants on temporary projects, or third parties.
Review and application:
- The information security policy is regularly reviewed based on a set process. The information security policy is revised to consider the changing circumstances;
- Each staff member, who considers there is an abuse of the current policy in the organisation, must notify the Managing Partner and the System Administrator;
- Each staff member, who is deemed to have violated this policy, will be subjected to disciplinary action;
- The personnel of ‘Chronika’ OOD is obliged to follow all rules related to information security, described in procedures, instructions and other documents from ISMS.
In my capacity of a Managing Partner I declare my personal participation and responsibility for the implementation
Information security and quality policy - BG Language