Information Security Policy

1. Introduction

At INCORPORA TECHNO GROUP, we recognize the critical importance of information security for the continued success of our operations and to maintain the trust of our customers, partners, and stakeholders. As a provider of electronic goods and equipment, we are committed to adhering to the highest standards of information security in accordance with ISO 27001, COBIT (Control Objectives for Information and Related Technologies), ITIL (Information Technology Infrastructure Library), and other applicable regulations. This Information Security Policy establishes our commitment to protecting confidential and critical information for our operations, as well as guidelines for its secure and responsible management.

2. Scope

This policy applies to all employees, contractors, consultants, and third parties who access or handle INCORPORA TECHNO GROUP’s information systems and data. This includes, but is not limited to, information stored electronically, in print, or transmitted by any means.

3. Principles

Our information security policy is based on the following fundamental principles:

1. Confidentiality: INCORPORA TECHNO GROUP protects confidential information of the company, clients, and stakeholders, preventing unauthorized access or disclosure.

2. Integrity: INCORPORA TECHNO GROUP ensures the accuracy and integrity of information, preventing unauthorized modification or deterioration.

3. Availability: INCORPORA TECHNO GROUP ensures that information is available and accessible when needed for business operations.

4. Legal and Regulatory Compliance: INCORPORA TECHNO GROUP complies with all current laws, regulations, and standards related to information security, including ISO 27001, COBIT, and ITIL.

4. Responsibilities

It is the responsibility of all INCORPORA TECHNO GROUP employees and stakeholders to comply with this policy and follow the established guidelines to protect confidential information. The Information Security Management team is responsible for implementing and maintaining this policy, as well as providing the necessary guidance and support for its compliance.

5. Guidelines

1. Information Access: Access to confidential information will be limited to those employees who need it to perform their job duties. Adequate access controls will be implemented to ensure proper authentication and authorization.

2. Personal Data Protection: We will comply with all applicable data protection laws and ensure the privacy and security of personal data we process.

3. Risk Management: We will conduct periodic assessments of information security risks and take measures to mitigate and manage identified risks.

4. Awareness and Training: We will provide training and awareness on information security to all employees to ensure proper understanding of security policies and procedures.

5. Security Incidents: We will implement procedures for the reporting and management of information security incidents, including the investigation of security breaches and appropriate response.

6. Review and Update

This policy will be periodically reviewed and updated to ensure its ongoing effectiveness and alignment with changes in the operational environment and best practices in information security.

7. Compliance

Failure to comply with this information security policy may result in disciplinary actions, including termination of employment or termination of service contracts, as appropriate.

8. Approval

This Information Security Policy has been approved by the management of INCORPORA TECHNO GROUP and will come into effect from the date of its publication.