Employee training is an integral part of Enalyzer’s security and compliance strategy:
Onboarding and Ongoing Awareness: All employees are required to comply with the company’s information security policies and procedures. Enalyzer conducts regular information security awareness training, which focuses heavily on GDPR compliance and updated security policies.
Security Responsibilities: Employees are trained to handle information only within the scope of their work and according to the sensitivity of the data. Responsibilities and obligations continue even after the end of employment, and these are clearly communicated and enforced.
Management and Oversight: The Information Security Board is responsible for organizing training and ensuring regular security updates across the company. Specific guidelines exist for recruitment, onboarding, and offboarding to maintain skills and ensure security policies are followed.
Auditor Validation: External auditors confirmed that new hires are properly informed of their roles and security responsibilities. Job descriptions and employment contracts are reviewed to ensure awareness of security duties, with no issues noted by auditors
Employee Handbook: Is a foundational document within Enalyzers internal governance framework. It is specifically referenced in the company's representation of its control environment and compliance responsibilities. The handbook outlines security responsibilities, confidentiality expectations, and the appropriate use of information assets. These terms are reinforced through signed employment contracts and agreed on and accepted by all employees on a yearly basis.
Employee Training is referenced in the Audit Report.