The established Information Security System (ISMS) in "ZENDEV" d.o.o. Mostar, as well as the information generated during the performance of tasks and internal communication between employees of "ZENDEV" d.o.o. Mostar are the property of "ZENDEV" d.o.o. Mostar.
Employees of "ZENDEV" d.o.o Mostar are expected to continuously work on fulfilling the requirements of the ISO/IEC 27001:2022 standard, applicable legal and other regulatory requirements relevant to the implementation and improvement of the established information security management system, in "ZENDEV" d.o.o Mostar, in a manner that will ensure:
- physical security of IT equipment and the information contained therein,
- control of access to information and data,
- proper and lawful handling of the Internet and electronic mail,
- security when using portable IT devices,
- continuous and secure protection of the established ISMS from viruses and other malicious programs,
- preparation, sending and storage of confidential information in a manner that ensures its confidentiality, and
- proper and secure storage and archiving of selected information and data.
The established ISMS documentation in "ZENDEV" d.o.o. Mostar defines the rules that employees, in "ZENDEV" d.o.o. Mostar must adhere to achieve the following information security objectives:
- ensuring continuous compliance of the established information security system with the requirements of the ISO/IEC 27001:2022 standard,
- ensuring security, authenticity, confidentiality, integrity and availability of data and information in "ZENDEV" d.o.o. Mostar,
- management of information risks in a manner that will ensure an acceptable level of risk for all levels of information security,
- taking care of data and information obtained from customers and other relevant stakeholders, and
- creating trust among business partners, employees and other relevant stakeholders in the security of their data and information.
The management of "ZENDEV" d.o.o. Mostar reviews this Policy once a year as part of an assessment of the effectiveness of the established information system.
Mostar; 05.05. 2025.
Director: Senad Šantić
