The EPS information security policy is based on the ISO27001 Information Security Management System standard. The policy is a systemic approach to the process of managing sensitive third-party data and information in relation to the EPS family of products.

Note that the term “data” is used in this document to indicate both data (plural and singular), as well as the information that data represents.

Aim

The aim of the policy is to formalize a structured approach to protecting sensitive third-party data.

Process

At a high level the process of managing security looks like:

Responsibility

The roles of senior staff in relation to sensitive data are:

Reviews


EPS Software Engineering AG

Pestalozzistrasse 27
CH-9500 Wil
Switzerland