QUALITY AND INFORMATION SECURITY POLICY
EDEJA SOFTWARE
EDEJA SOFTWARE bases its business success on services and products that are fully compliant with the requirements of applicable laws, regulations, technical standards, and customer requirements, to achieve their maximum satisfaction.
The management and employees of EDEJA SOFTWARE, to maintain the organization’s image, cash flows, profitability, and compliance with legal and contractual requirements, and to gain an advantage over the competition, protect the confidentiality, integrity, and availability of the organization’s information and information assets.
With the vision of becoming one of the most efficient and stable partners to its clients in the field of software development services, EDEJA SOFTWARE defines its strategic goals as follows:
- Further improvement of the current market position
- Improvement of the overall performance of the organization
Aware of the risks and environment in which it operates, EDEJA SOFTWARE achieves its established strategic goals through consistent application and continuous improvement of the effectiveness of the integrated management system (quality management system, compliant with the requirements of the ISO 9001 standard and information security management system compliant with the requirements of the ISO 27001 standard), which includes:
- Determining and fulfilling the requirements of customers and other interested parties to achieve and increase their satisfaction;
- Leadership role of management in all management system processes;
- Maintaining the integrity, confidentiality, and availability of information and information assets by protecting against unauthorized access and alteration and ensuring their availability and usability to authorized persons for the realization of business processes;
- Managing all identified risks to information security;
- Compliance with and fulfillment of relevant regulations and other accepted requirements;
- Utilizing the production and creative potentials of each employee, with continuous training of employees and external collaborators on quality and information security requirements;
- Planning, implementing, verifying, and reviewing all management system processes based on collected and analyzed data and information;
- Continuous improvement of services/products and management system processes to enhance the performance of processes and the system;
- Commitment to continuous improvement of information security prevention measures and adequate investigation of current or potential breaches in the field of information security;
- Developing mutually beneficial relationships with business partners
The management of EDEJA SOFTWARE ensures that this policy is communicated, understood, implemented, and maintained in the organization and reviewed at least once a year to respond to any changes.
All employees, information asset owners, are required to adhere to the requirements stated in this policy that are within their jurisdiction. All employees are responsible for implementing the policy and must support the management that prescribed this policy and the rules for its application.
Belgrade, 23.04.2024