Home » About us » Security Policy

Security Policy

The board and management of Betware, a gaming solution and service vendor, recognizes that information security is of great importance to our business and that protecting our information assets contributes both to the success of our organization and the success of our clients.

Therefore the preservation of information with regards to the following principles is essential:

  • Confidentiality – Protecting information from unauthorized disclosure
  • Integrity – Safeguard the accuracy and completeness of information
  • Availability – Ensuring information is accessible and usable by authorized users upon demand

The purpose of the information security management system is to protect our information assets from a wide range of threats in order to ensure continuity of our business, minimize business risk, and maximize return on investments and business opportunities. This is accomplished by preventing and minimizing the occurrence and impact of information security incidents.

Information and information security requirements will be aligned with organizational goals and the information security management system will be subject to continuous improvement as well as being an enabling mechanism for information sharing.

Policy

The purpose of the policy is to protect our business from all security threats, whether internal or external, deliberate or accidental.
It is our policy to ensure that:

  • All operations comply with ISO/IEC 27001:2005
  • An asset inventory is maintained and classified with regards to importance of confidentiality, integrity and availability
  • Risk is managed within acceptable limits by operating a formal Information Security Management System (ISMS) pursuant to ISO/IEC 27001:2005
  • Formal risk assessment is conducted regularly to analyze the value of information assets, their sensitivity and potential threats posed to them
  • Compliance with regulatory, legislative, procedural and contractual requirements that are relevant to information security are met
  • Suitable business continuity plans are produced, maintained and tested periodically
  • All employees receive information security training and education in order to fulfill their information security responsibilities

Kopavogur, January 2011

CEO and Managing Director, Stefán Hrafnkelsson