ISMS Policy

1. Introduction

Red Raccoon Digital Ltd. is committed to protecting its business and client data, as well as other company information, to ensure both material and moral security. This commitment aims to earn and maintain the trust of our clients and stakeholders. To achieve this, the company has implemented and continuously operates an Information Security Management System (ISMS) that covers the following activities and processes:

• Computer Programming
• Other Information Technology Services
• IT Consulting

2. Objectives and Principles

With the implementation of the Information Security Management System, the management of Red Raccoon Digital Ltd. has set the following key objectives and principles:

1. Physical Protection:

The company places great importance on safeguarding the physical security of data and assets. This includes building security measures and the protection of all utilized equipment against unauthorized access, theft, vandalism, and other harmful effects.

2. Ensuring the Confidentiality, Integrity, and Availability of Data:

Information security is a fundamental element of the company's processes. In all our activities, the primary focus is on ensuring the confidentiality, integrity, and availability of data. To achieve this, we apply strict data protection guidelines and regularly review processes to maintain information security.

3. Continuous Improvement of Employee Awareness:

Our goal is for all employees to understand the importance of protecting the information they handle. We provide regular training to ensure that every employee knows and follows the information security guidelines and handles confidential information appropriately.

4. Compliance of External Service Providers and Partners:

We require that our external service providers and partners comply with the security standards and guidelines we set. This is ensured through contractual obligations and regular audits to verify the compliance of external partners.

5. Compliance with the Information Security Management System:

Red Raccoon Digital Ltd. has implemented and operates its Information Security Management System (ISMS) in accordance with the MSZ ISO/IEC 27001:2023 standard. The objective is to comply with relevant legal requirements, industry standards, and customer expectations while continuously improving our security measures.

6. Ensuring Continuity and Preventing Unauthorized Access:

The purpose of the ISMS is to ensure the continuity of corporate processes and to prevent unauthorized access to confidential information, while also ensuring incident management and preparedness to respond. To achieve this, we have strengthened access control and implemented appropriate security measures.

7. Minimizing the Risk of Data Loss and Data Theft:

We annually review potential threats, assess and evaluate risks, and take measures to mitigate them. To minimize the risk of data loss and data theft, we employ regular data backups, encryption, and access control. We require the use of strong passwords and apply the latest firewalls and intrusion detection systems to prevent unauthorized access. To avoid infections caused by malicious software, we use antivirus software and perform regular software updates.

3. Commitment and Responsibilities

The management of Red Raccoon Digital Ltd. is committed to the continuous operation and development of the Information Security Management System (ISMS). We expect every employee, external partner, and any other party with access to the company's information or systems to adhere to and comply with the guidelines and applicable regulations. Compliance with the ISMS policy is mandatory for all concerned.

4. Scope and Application

This policy applies to all employees of Red Raccoon Digital Ltd., external partners, and any other party who has access to the organization's information or systems. Our aim is to ensure the continuity of business activities and the security of information across the entire company through this policy.

The organization's management also considers the impacts of climate change in the operation and continuous improvement of the ISMS, including the selection of external service providers.

‍

Budapest, 2024.08.06.

‍