Information Security Policy

iVote’s primary pillar is Election Management software and services, thus defining highest requirements for security in the information.
Considering information security essential and crucial for iVote and aiming to ensure effective management of the information security in iVote we established an information security management system based on ISO 27001 standards and international best practices.
This is the iVote’s policy to develop, implement and maintain an information security management system that meets the requirement of and is certified to ISO 27001 standard.
The scope of this policy applies to all of iVote operations and services for design and implementation of innovative software solutions:

• Election Management Systems
• E-commerce solutions
• E-Learning Management Systems

Our policy for maintaining the Information Security Management System (ISMS) is based on the principles of measuring and planning for continual improvement in the areas of quality and information security performance. This is achieved by establishing, implementing and reviewing objectives that are documented and managed by iVote top management. We will continually review the suitability of our information security management system in taking into consideration the demands and expectations from our customers, employees and any person(s) working under the company’s control, to ensure that they are appropriate to the nature, scale and impacts of the company’s activities, products, services and risks.
iVote is committed to:

• Identifying, meeting or exceeding quality and information security requirements as required by our customers, employees and parties working on behalf of iVote;
• Encouraging employees and person(s) working on behalf of the organization to assist and participate in initiatives to improve their working environment;
• Ensuring that information security decisions and investments are based on risk assessments of all relevant assets, processes and services;
• Minimizing the business impact and dealing effectively with security and operational incidents; ensuring continuity and availability to our business functions and ability to provide services to our clients;
• Ensuring iVote’s ongoing ability to meet contracted commitments through appropriate Business Continuity;
• Complying with all applicable information security statutory legislation and with any other regulatory, customer or third party requirements to which the company subscribes;
• Maintaining the awareness of all employees and parties working on behalf of iVote so that they can identify and fulfill contractual, legislative and company quality and information security responsibilities;
• Communicating this policy and the results of our activities, to employees, person(s) working under the company’s control and any other interested parties as appropriate.

This Policy Statement is on the Company website and available to any interested parties. It is communicated to all employees and person(s) working under the control of iVote and is supported by the Information Security Management System which provides further details on roles & responsibilities. The Policy is reviewed on an annual basis by iVote top management team.

17 -th of March, 2023
Silvija Gelevski, CEO