The Information Security Policy is based on the ISO/IEC 27002:2013 implementation guidance for the British Standard for Information Security ISO/IEC 27001:2013 controls.

Netsparker is committed to the development and maintenance of an Information Security Management System based upon the International Standard. The Company has developed this Information Security Policy to:

  • Provide direction and support for information security in accordance with business requirements, regulations and legal requirements.
  • State the responsibilities of staff, partners, contractors and any other individual or organization having access to the Company’s information assets.
  • State management intent to support the goals and principles of security in line with business strategy and objectives.
  • Provide a framework by which the confidentiality, integrity and availability of the Company’s information assets can be maintained.
  • Optimize the management of risks by preventing and minimizing the impact of Information Security incidents.
  • Ensure that all breaches of information security are reported and investigated, and that appropriate action is taken where required.
  • Ensure that supporting ISMS policies and procedures are regularly reviewed and continual improvement is maintained to ensure progressive good working practices and procedures.
  • Ensure information security requirements are regularly communicated to all relevant parties.