POL-SGSI-002 · Information Security Policy
Umbrella ISMS policy, aligned to ISO/IEC 27001:2022.
|
1.2 |
Request access
|
POL-SGSI-003 · BYOD Policy
Rules for personal devices accessing corporate resources.
|
1.1 |
Request access
|
POL-SGSI-004 · Device Management Policy
Corporate endpoint configuration, protection and lifecycle.
|
1.1 |
Request access
|
POL-SGSI-005 · Remote Work Policy
Security requirements for remote and hybrid work.
|
2 |
Request access
|
POL-SGSI-006 · Vendor Management Policy
Supplier classification, due diligence and security requirements for critical vendors.
|
1.1 |
Request access
|
POL-SGSI-007 · Backup Policy
Backup scope, frequency, retention and restore testing.
|
1 |
Request access
|
POL-SGSI-008 · Secure Development Policy
Secure SDLC: code review, SAST/SCA, segregation of environments.
|
1.1 |
Request access
|
POL-SGSI-009 · Information Handling Policy
Data classification, labeling and transfer rules.
|
1 |
Request access
|
POL-SGSI-010 · Infrastructure Management Policy
Governance of cloud infrastructure, hardening and capacity.
|
1 |
Request access
|
POL-SGSI-011 · Infrastructure Change Management Policy
Controlled change process for production infrastructure.
|
1 |
Request access
|
PRO-SGSI-007 · Vulnerability Management Procedure
Detection, triage and remediation SLAs for vulnerabilities.
|
1.1 |
Request access
|
PRO-SGSI-009 · Data Anonymization Procedure
Anonymization of personal data in non-production environments.
|
1 |
Request access
|