At GO, we pride ourselves as Malta’s leading communications services company. We provide mobile, fixed line, internet and TV services to more than 500,000 customers. We also provide unrivalled services to the Maltese business community, including Cloud Services, roaming services, data networking solutions, business IP services, and managed services. In providing our services, we recognise our responsibility to manage information that is entrusted to us by our business and consumer customers.
We aim to meet our responsibility by identifying potential risks that may impact the confidentiality, integrity, or availability of information.
We have implemented an information security management system, that provides a combination of policy led, technical and operational security initiatives, that help us manage those risks.
To demonstrate our commitment to our information security principles, we aim to achieve the following objectives:
These objectives are revalidated at least annually by the CEO.
Information assets are identified, assessed for risk, and appropriately protected.
Information security risks are captured and managed in accordance with a formal process.
Information security training is available to all employees, including temporary workers and contractors.
Security policies covering IT systems, personnel security, facilities, supply chain assurance, business continuity and the collection, use, sharing, retention, and disposal of information are implemented and adhered with.
All actual or suspected breaches of information security will be reported to and investigated by the Information security team.
Our management system and information security controls are regularly assessed to evaluate effectiveness and ensure compliance.
Management will conduct a review of the ISMS at least annually to determine its effectiveness and drive continual improvement.
Senior management assumes overall accountability for information security and is responsible for ensuring that the information security management system meets its intended outcomes.
Senior management has appointed an Information security team that is responsible for operational management of the information security management system, including reporting on its effectiveness to the CEO.
An Information security committee has been established that oversees the management, maintenance, performance and improvement of management system policies and controls.
Information asset owners are appointed with responsibility for identifying and classifying their information assets and addressing risks.
Managers at all levels are responsible to ensure compliance with our management system within their areas of responsibility.
All our employees, contractors and relevant partners and suppliers are required to comply with our information security management system. Breaches in compliance are earnestly considered and may lead to disciplinary action or the termination of contracts.
Approved by: Nikhil Patil Date: 24th March 2022