TERN SYSTEMS INFORMATION SECURITY POLICY
Information Security is crucial for safeguarding the assets and data handled by Tern Systems, and for ensuring Tern Systems continuous and uninterrupted operations and service.
​
With this Information Security Policy (Policy) Tern Systems underscores its commitment to protecting the confidential, proprietary, financial, personal and other sensitive information belonging to the organization, its customers, suppliers, personnel, and third parties. This Policy aims to safeguard all such information received, processed, stored and transmitted via Tern Systems’ Information Systems from unauthorized access, disclosure, or loss.
​
The purpose of this Policy is to express Tern Systems’ commitment to protecting information against internal and external threats, whether intentional and unintentional. The goal of Information Security management is to ensure continuous access to information and to minimize damage, by preventing or minimizing the impact of incidents that could disrupt information processing or cause information leakage.
The interests of all parties connected to the information could be harmed if the information falls into the wrong hands, is incorrect or is not accessible when it is needed. To address these risks, Tern Systems establish this Policy to maintain confidentiality, integrity and availability of data.
​
Confidentiality
Tern Systems ensures that only authorized parties have access to the organization’s information and related assets.
​
Integrity
Tern Systems ensures that the organization’s information is correct and accurate at all times. Any incorrect, misleading, incomplete, or outdated information is corrected, deleted or supplemented when identified. Regular monitoring is carried out to maintain data integrity.
​
Availability
Tern Systems ensures that the organization’s information is accessible to authorized individuals when required. The organization also maintains contingency plans and securely stored backups to restore systems and data in the event of destruction or loss.
​
This Policy considers the current laws and regulations on privacy and processing of personally identifiable information (PII). The Policy complies with the rules of (EU) 2023/203, (EU) 2022/2555 and meets the requirements of the document ISO/IEC 27001:2022.
Tern Systems describes the means and procedures for implementing this Policy in the associated Information Security rules, procedures, and processes, which are approved by Tern Systems’ Board of Directors and maintained by the JOB-046 Information Security Manager (ISM).
​
Personnel who have access to Tern Systems’ information and other related assets and those processors involved in the operation of information systems must have access to and be familiar with this Policy and the relevant Information Security Management Framework (ISMF) documentation.
​
​​
​
​
​