Log in Contact us

ISO 27001

INFORMATION SECURITY POLICY

MELP – HR Tech with a focus on developing Employee Benefits software as a service (Saas). Internet platform serving as a tool to manage and communicate employee benefits. A self-service mobile application enables people to decide what benefits they want to get for their work. 

MELP Vision

We want MELP to be a digital eco‐system that brings together employees, employers, and service providers to enhance employee engagement and the human-oriented organizational identity.

MELP mission

MELP provides a simple and affordable digital tool to secure that every single penny spent on employee benefits is a penny towards the increased employee engagement, loyalty, and retention.

MELP implement information security management to prevent incidents that could damage the reputation of the organization and undertake to:

  • Ensure the protection of the organization’s information and information technology;
  • Ensure information security is in line with operational requirements and relevant laws and regulations;
  • Manage information security in the organization;
  • Achieve and maintain the protection of the organization’s assets;
  • Avoid unauthorized physical access, loss, and disruption to the organization’s operations and information;
  • Ensure that information security incident management is consistent and effective;
  • Avoid loss, damage, theft, or defect of property and business interruptions;
  • Ensure accurate and secure operation of information processing tools;
  • Maintain the integrity and readiness of information and information processing tools;
  • Prevent unauthorized access to information stored in information systems;
  • Ensure that security is an integral part of information systems;
  • Supervise the information security system ensuring compliance with the requirements of ISO/IEC 27001:2013;
  • Carry out periodic risk assessments to identify the need for further action;
  • Periodically change passwords for existing information systems in the organization;
  • Strive for continuous improvement of information security management.

Top management ensures that the information security policy:

  1. is applicable to the purpose of the organization;
  2. includes a commitment to comply with the established information security goals structure and defined general direction and principles of activity;
  3. includes a commitment to comply with legal and other requirements;
  4. is coordinated with the strategic risk management context of the organization, including the development and maintenance of information security system;
  5. is available to all employees of the organization and external parties;
  6. all the objectives are reviewed at least once a year.

CEO Juozas Sargūnas