We use cookies to further personalise and enhance the user experience, conduct analytical research (for example, counting visits and traffic sources), place advertisements and contact third parties. Users can manage their cookie settings by clicking the "Choose your preferences" link.

Cookie policy
  • Security in Schibsted
  • expand_more

Compliance

Schibsted continuously complies with relevant laws, regulations, and contractual demands. 

To ensure compliance with legal, statutory, regulatory, and contractual obligations related to information security, all such requirements should be explicitly identified, documented, and kept up to date for each information asset and organization. Appropriate procedures shall be implemented to ensure compliance with requirements related to property rights and the use of proprietary software products.

Records shall be protected from loss, destruction, falsification, unauthorized access, and unauthorized release per legislative, regulatory, contractual, and business requirements. Privacy and protection of personally identifiable information (PII) shall be ensured as required in the relevant regulation. Encryption shall be used in compliance with all relevant agreements, legislation, and regulations.

To ensure that information security is implemented and operated per the requirements set forward in this document, the organization shall be audited regularly or when significant changes occur. Managers shall regularly review the compliance of information processing and procedures within their area of responsibility. Information systems shall be regularly reviewed for compliance with appropriate security requirements in this and other related documents.

Compliance issues with the Schibsted Security policy shall be reported to the Chief Security Officer (CISO).