Information Security Policy

CodiLime Sp. z o.o. (hereinafter CodiLime) is a networking industry expert and a first-choice service partner for top global networking hardware & software providers and telecoms.

CodiLime provides services in the field of software engineering, DevOps, and network engineering. These types of activities require the company to ensure information security.

The company policy is to ensure:

• protection of information against unauthorized access;
• confidentiality of information;
• integrity of information;
• availability of information only to authorized persons.

Information security objectives

• Raise employee awareness of information security.
• Information systems that are reliable and resilient against vulnerabilities.
• Ensure accountability of access to information.
• Ensure the security of customer data and resources.
• Comprehensive and efficient security incident management.
• Maintain and develop an ISMS in compliance with ISO 27001.

Continuous improvement

CodiLime aims to improve information handling in practice by conducting regular internal audits and risk assessments. Each employee is required to report risks, deviations from established processes and ideas for improvement.

Awareness

All personnel are trained in information handling and are aware of information security risks. Training covers obligations and rights resulting from legal acts, internal policies and procedures, and specific customer requirements.

Incident handling

Any employee, subcontractor or visiting customer representative who is aware of an information security breach is obliged to inform the information security staff by creating a report in the appropriate queue at help.codilime.com, sending an email to help@codilime.com, or calling +48 22 389 51 00. For this purpose, non-employees must confirm their responsibility in the matter.

The CodiLime Board has approved the Information Security Policy and is responsible for its implementation, maintenance, and improvement.