Information Security Policy


This information security policy applies to all employees and others, who through agreement, gain access to information belonging to Fabege. Each manager is responsible for informing new employees about the contents of the current information security policy at the time of hiring. An information security plan and its instructions are available to support this policy.

Goal and strategy

The goal of the information security policy is to protect the company's information and information flows from getting into the wrong hands, or from being modified without authorisation. The is also to protect the privacy of the company and the employees. This is achieved by ensuring that the information retains its:

  • Confidentiality
  • Integrity (correctness)
  • Accessibility
  • Traceability

Laws and regulations

Laws and regulations that govern the business and its information security shall be identified and followed. Contacts with the necessary authorities shall be created where appropriate and kept up to date.

Examples of laws that have requirements for the company regarding how information is handled are:

  • the General Data Protection Regulation, the Accounting Act and the Companies Act.

Threats and risks

Threats to information security can be both internal and external. Incidents can be both intentional and unintentional.

Risk analysis shall be carried out annually or at the time of major changes in the company's risk management procedures. The level of security must be adapted based on the risk analysis results and the company's risk acceptance.

Roles and responsibilities

The head of IT is responsible for Information Security issues at Fabege and it is the duty of each employee to comply with this policy. For questions and uncertainties, contact your manager or the head of IT at Fabege.

Download our information security policy

Changed 13 January 2020

Read also

Policy documents

Our policy documents aim, among other things, to preserve and develop the great values ​​found in the business and to maintain the public's trust in Fabege.

Read more

Code of Conduct

The Code of Conduct presents our view on issues related to human rights, labour practices, the environment, business ethics and communication.

Read more

Whistleblower function

The Fabege whistleblower function is intended for reporting serious irregularities.

Read more