Skip to content

Publication Summary

Title Doc title
Author(s)
Issued by CEO

Version doc.

Review freq.

0.1

Yearly
Date of issue November 13, 2023
Owner Alessandro Cardinali
Document status Draft – Final Draft - Final
Approval Date n/a
Classification Internal

Change Log

Version Date Author Comments
0.1 November 13, 2023 First draft Information Security Policy

Table of Contents

1 Publication Summary 2

  • 5.2 Policy

  • A.5 Organizational controls

  • A.5.1 Policies for information security

Document Title Document ID Version Owner Approval Date Next Review Date Status Notes
Information Security Context, Requirements and Scope ISMS4 0.1 AC Draft
Information Security Policy ISMS5 0.2 AC 2025-05-01 2026-05-01 Draft Master security policy
InfoSec Objectives and Plan ISMS6 0.1 AC
Information Security Management System Manual
Information Security Roles, Responsibilities and Authorities
Process for Monitoring, Measurement, Analysis and Evaluation
Statement of Applicability
Policies
Access Control Policy AC-01 1.2 IT Lead 2025-03-15 2026-03-15 Approved Reviewed quarterly
Remote Working Policy RW-01 1.0 HR & IT 2025-04-01 2026-04-01 Approved Includes digital nomad guidance
Mobile Device Policy MDP-01 1.1 IT Security Lead 2025-04-01 2026-04-01 Approved Applies to all company-issued gear
BYOD Policy BYOD-01 1.0 IT & Legal 2025-04-01 2026-04-01 Approved Linked to Acceptable Use Policy
Cloud Services Policy CSP-01 1.0 CTO 2025-02-20 2026-02-20 Approved AWS/GCP guidelines included
Privacy and Data Protection Policy PRIV-01 1.1 DPO 2025-01-10 2026-01-10 Approved GDPR and cross-border access scope
Secure Development Policy SD-01 1.0 Engineering Lead 2025-03-01 2026-03-01 Approved OWASP alignment
Backup Policy BCP-01 1.0 DevOps 2025-03-15 2026-03-15 Approved Cloud-first retention policy