Metasite management has established and continually improves its Integrated Management System (IMS) to control the quality of the services, manage the risks related to information assets and business processes and ensure proper protection of information in accordance with requirements of the ISO 9001 and ISO 27001 standards. Requirements for IMS are established taking into account Metasite strategic goals, needs and expectations of the clients and other stakeholders along with the results of the risk assessment process.
It is the policy of Metasite:
- To address the needs of and fulfil contractual obligations to clients, partners and other stakeholders;
- To enhance client satisfaction, building and maintaining their trust in Metasite;
- To establish clear responsibilities, accountability and control level in the company with regards to quality and security;
- To perform business activities in accordance with the main information security principles – confidentiality, integrity and availability in order to protect information and data of Metasite, its clients, employees, partners and other stakeholders;
- To consistently manage risks;
- To continually improve and support the performance of the IMS in compliance with ISO 9001, ISO 27001 standards and relevant local and international legal requirements.
At Metasite all the information is processed in accordance with defined information security requirements to prevent any unauthorised disclosure, forgery, loss or inaccessibility, to build and maintain trust and confidence in the company.
All identified information security incidents, service disruption and nonconformities of products, services and processes to the IMS requirements are investigated to reduce any undesirable consequences for clients, employees, partners and the company itself, to restore normal operations and delivery of services and to reduce or eliminate the risk of their recurrence in the future.
Metasite also sets specific IMS objectives that are consistent with IMS goals and policies and are established for a defined period of time. Measurable targets are defined for each objective as provided in the IMS monitoring, measurement, analysis and evaluation procedure, which sets out roles and responsibilities, implementation time and expected results.
IMS policy is communicated and implemented at all levels of the company. All Metasite employees and suppliers, who have any involvement with assets covered by the scope of the IMS, are responsible for implementing this policy and shall have the support of the Metasite management who have approved the policy. The IMS policy and its objectives are discussed during internal meetings and are accessible to all employees of the organisation. The implementation and relevance of the IMS policy are periodically reviewed by Metasite management.