To preserve Confidentiality - that is to protect information provided by ISOAH Data Securities Pvt. Ltd.’s customers, employees & other associates, against unauthorized access or disclosure.
To maintain Integrity - that is to protect information assets from unauthorised or accidental modification ensuring the accuracy and completeness of the organization’s assets.
To ensure Availability - that is, ensure that Information, assets & infrastructure are available as and when required adhering to the organisation’s business objectives.
Risk to the business to be assessed at regular intervals, against which, preventive & corrective controls to be placed.
Security of customer contracts and customer requirements will be met.
Identify and define secure work areas within office perimeter and enforce secure access to the same.
Information about technical vulnerabilities of information systems being used along with information system that is developed, shall be obtained in a timely fashion, the organization's exposure to such vulnerabilities evaluated and appropriate measures taken to address the associated risk.
Regulatory, legislative & other business requirement will be fulfilled.
Business continuity plans for critical processes and infrastructure will be identified, maintained and reviewed on a regular basis, to minimize the downtime incurred by the business.
Ensure prompt reporting of security incidents and weaknesses, followed by adequate root cause analysis for preventive & corrective actions.
Relevant training to be given to staff and effective pre and post training evaluation will be conducted.
Set up control policies & measure the effectiveness of controls at regular intervals.
Senior Management will meet once a month to discuss effectiveness of ISMS (as per clause 9.3)
The implementation of this policy is a testimony of ISOAH Data Securities Pvt. Ltd.’s commitment to establish, implement, maintain, and continually improve the information security management system (ISMS).