As a Security and Defence company, Saab manages information which is of vital importance to our customers and in many cases other nations security. In todays world with growing threats and information security challenges a continuous and systematic security management is crucial.
Saab has global security organisation, which works in accordance with Saab's management system for security. The management system is based on ISO27001 and it continously improve security governance and security management within the company. Saab perform regular trainings for our employees in information security and have central processes in place for among others risk and incident management, security audits and vulnerability management.
Our information security work rests on these foundations:
- Business-oriented: It shall provide guidance to the business
- Balanced: It shall provide a balance between security, economic and operational requirements based on the determined risk exposure
- Relevant: We are constantly looking for information and knowledge to provide support and set the right requirements
- Fact-based: Our goals and our work are based on the analysis of threats, risks, vulnerabilities and incidents, and has it's foundation in well recogised standards.
- Value creation: Security shall create value for Saab and enable future business.