Repath Solutions

ISO 27001:2022

Information Security Policy
Protection, preservation and assurance of the information we manage — at every level of the organization.

Code: P.ISMS.05.01
Version: 2nd — 05/02/2024
Classification: Unclassified
Scope: ISMS

Purpose

The objective of this high-level policy is to define the purpose, direction, principles and fundamental rules for the management of information security at Repath Solutions.

This policy applies to the entire Information Security Management System (ISMS), as defined in the ISMS Scope Document. Users of this document are all employees of Repath Solutions as well as relevant external interested parties.

Reference Documents

  • ISO/IEC 27001 Standard, clause 4 and A.5
  • Statement of Applicability — SoA
  • F.POL-A.03 Threat Intelligence Strategic List 2025
  • F.POL-A.12 — Register of Legal, Regulatory, Contractual and Other Requirements

Management Commitment

The management of Repath Solutions commits and declares that the information security policy was established to ensure the effective protection, preservation, and assurance of the information managed by the company, following the principles of the ISO 27001:2022 standard.

The implementation and continual improvement of the ISMS will be supported with adequate resources to achieve all objectives set forth in this policy and to satisfy all identified requirements.

Scope of Activities

Software customization, development and support services, development of technological and business solutions.

Key Terminology

Confidentiality

Information is available only to authorized persons or systems.

Integrity

Information is modified only by authorized persons in a permissible manner.

Availability

Authorized persons have access to information when they need it.

Information Security

Preservation of the confidentiality, integrity and availability of information.

Management System (ISMS)

Part of the overall processes responsible for the planning, implementation, maintenance, review and improvement of security.

Objectives & Measurement

The general objectives for the information security management system:

  1. Creating a better image and reducing damage caused by potential incidents.
  2. Objectives are aligned with the broader objectives, strategy and plans of the Greek Government.
  3. The ISMS Manager Ms. Stella Lioliou, in cooperation with Management, is responsible for reviewing the general ISMS objectives and setting new ones.
  4. Objectives for individual security controls or groups of controls are proposed by Management, the Data Protection Officer and the IT Department, and are approved by the ISMS Manager and Management in the Statement of Applicability.
  5. All objectives are reviewed at least once a year.
  6. Management measures the fulfillment of all objectives.
  7. The ISMS Manager Ms. Stella Lioliou is responsible for defining measurement methods — measurements are conducted at least annually, analyzed and reported to top management as management review input.

Compliance Requirements

This policy and the entire ISMS comply with the legal and regulatory requirements applicable to the organization in the field of information security, as well as with contractual obligations.

A detailed list of all contractual and legal requirements is provided in the Register of Legal, Regulatory and Contractual Obligations. The control selection process is defined in the Risk Assessment and Treatment Methodology, while the selected controls are listed in the Statement of Applicability (SoA).

Key Principles

Risk Assessment

Regular risk assessments to identify and mitigate potential threats. Establishment of a Threat and Opportunity Register.

Access & Authentication

Defining and restricting access based on need and responsibility, with access control and segregation of duties.

Training & Awareness

Training employees on the secure use of information and regular awareness programs on security threats.

Systems Security

All systems and software are kept up to date with the latest security patches.

Monitoring & Evaluation

Periodic evaluation of the effectiveness of security measures, with immediate response to incidents through an approved Incident Management Plan.

Responsibilities & Roles

All Members — Repath Solutions

The implementation of the information security policy is the obligation of every member. All security incidents or vulnerabilities are reported to the ISMS Manager.

ISMS Manager — Ms. Stella Lioliou

Responsible for ensuring the implementation and maintenance of the ISMS, operational coordination, submission of performance reports, and management of information disclosure to interested parties.

Top Management

Reviews the ISMS at least annually or upon significant changes, preparing minutes to determine suitability, adequacy and effectiveness.

Asset Owners

The protection of the integrity, availability and confidentiality of each asset is the responsibility of its owner.

Validity & Document Management

The owner of this document is the ISMS Manager Ms. Stella Lioliou, who reviews and updates the document at least annually. The evaluation takes into account:

  • Familiarity of employees and external parties with the document
  • ISMS compliance with laws, regulations and contractual obligations
  • Effectiveness of implementation and maintenance
  • Clarity of ISMS implementation responsibilities

Related Records & Procedures

  • Record F.07.05 — Controlled Documents and Records Register
  • Record F.04.01 — Operational Framework: Context
  • Record F.04.02 — Operational Framework: Interested Parties
  • Record F.04.03 — Certification Scope
  • Record F.A.05.02 — Organizational Chart
  • Record F.06.01 — Risk Assessment
  • Record F.POL-A.12 — Legislation Register
  • Procedure PR.ISMS.09 — Management Review
  • Form F.POL-A.05 — Resource Allocation Record

Approval

Manolis Lambovas
Management — Repath Solutions · Athens