The Organization believes that information security is one of its primary objectives. In this context, the Organization has implemented an Information Security Management System (ISMS) and is committed to its maintenance and continuous improvement in order to guarantee the following requirements:
- Confidentiality: information accessible only to duly authorized subjects and / or processes.
- Integrity: safeguarding the consistency of information from unauthorized changes.
- Availability: easy access to necessary information.
- Control: ensuring that information management processes and tools are secure and tested.
- Authenticity: reliable source of information.
- Privacy: guarantee of personal data protection and control.
The Information Security Management System, which follows the requirements of the UNI CEI EN ISO / IEC 27001: 2017 standard, applies to the perimeter constituted by the following two concessionary companies of the Group, for their respective fields of application:
- Gamenet S.p.A: management of the telematic network of gaming machines, as well as related activities and functions.
- GoldBet S.p.A: management of games with cash prizes, distributed both remotely and through points of sale, as well as production and business management processes.
The general objectives in the area of information security are as follows:
- define and guarantee a service continuity plan;
- ensure the protection of employees and customers privacy;
- ensure compliance with legislation;
- preserve and enhance the company's image as a reliable and competent supplier.
In order to pursue the aforementioned objectives, the Management undertakes to:
- establish corporate roles and responsibilities for the development and maintenance of the ISMS;
- develop the integration of all the processes that contribute to information security;
- monitor and prevent exposure to any threats to information security;
- activate programs suitable for spreading awareness and culture on information security;
- establish and pursue specific goals in the field of information security.
The company organization, the procedures, the applications, the company know-how, the commitment of the Management and the involvement at every level of the people who work for the Group, represent the essential tools to ensure the achievement of the objectives set.
In order to verify the effectiveness and efficiency of the ISMS, and ensure continuous improvement, this Policy, the objectives and all elements of the Information Security Management System are periodically monitored and reviewed.