ISO Policy

Information Security Management Policy

This Policy provides the foundation for the “Provision of IT Solutions for Web & Mobile Application Developments and Technology Work” and aims to promote information security at the workplace and the collective responsibility of the Management and all employees in observing information security practices.

To achieve these objectives, we will ensure that our Information Security Management System is in compliance with

• ISO 27001: 2022 Standards
• SIMSYS organizational policies,
• Current applicable legislation, regulatory, statutory requirements, including other Service Level Agreements to which SIMSYS subscribes to.

The Management is committed to:

• Clearly defining Information Security Management objectives, targets & programmes and obtaining commitments from all stakeholders to ensure we take ownership and continually improve our processes.
• Communicating Information Security Management Policy awareness to all employees to drive continuous improvement mentality within the organization.
• Taking proactive and continual actions to effectively manage risks related to availability, confidentiality and integrity of information as well as ensuring the security of the company's product and services.
• Periodically reviewing our policy, objectives and targets to maintain effectiveness of our Information Security Management System.
• Assessing and incorporating climate-related risks into our Information Security Management System, while considering the climate-related requirements and expectations of stakeholders in our decision-making processes to enhance sustainability and resilience.