Information Security Management System (ISMS) Policy

IZMO Limited.

1. Preservation of Confidentiality, Integrity, and Availability of information

• Ensuring information is accessible only to authorized personnel (Confidentiality).
• Maintaining the accuracy and completeness of information (Integrity).
• Ensuring authorized users have access to information when needed (Availability).

2. Cyber Security

• Implementing and maintaining robust cyber security measures to prevent, detect, and respond to threats, vulnerabilities, and incidents effectively.
• Leveraging advanced security technologies and frameworks to protect against evolving cyber threats.

3. Privacy Protection

• Safeguarding personal and sensitive data as per applicable data protection regulations, including the GDPR (Europe) and applicable privacy laws in India and the UK.
• Implementing privacy-by-design principles in all systems and processes.

4. Compliance

• India: Information Technology Act, 2000, and Data Protection Guidelines.
• France: GDPR and CNIL guidelines.
• UK: UK Data Protection Act 2018 and GDPR.

5. Establishing Measurable Objectives

• Defining and regularly reviewing information security objectives aligned with business goals.
• Measuring performance through Key Performance Indicators (KPIs) and regular audits.

6. Continual Improvement

• Continuously improving the ISMS through regular monitoring, audits, feedback, and management reviews.
• Learning from incidents and integrating lessons into future risk mitigation plans.

7. Awareness and Training

• Conducting regular training to ensure all employees understand their responsibilities related to information security, cyber security, and privacy protection.