At Mayar Gulf Engineering Consultants, we recognize the critical importance of information security in safeguarding the confidentiality, integrity, and availability of information assets entrusted to us by our clients, partners, and stakeholders. We are committed to establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS) in accordance with the requirements of ISO 27001 and aligned with our organizational objectives.
Our ISMS Policy encompasses the following principles:
- Information Security Governance: We are committed to establishing and maintaining a robust governance framework to ensure effective oversight, management, and accountability for information security within the organization.
-
Risk Management: We systematically identify, assess, and manage information security risks to minimize potential impacts on the confidentiality, integrity, and availability of information assets.
-
Compliance: We comply with all applicable legal, regulatory, contractual, and other requirements related to information security, as well as our own internal policies and procedures.
- Confidentiality: We protect sensitive and confidential information from unauthorized access, disclosure, or use, ensuring that access is restricted to authorized individuals only.
- Integrity: We maintain the accuracy, completeness, and reliability of information assets throughout their lifecycle, preventing unauthorized modification, deletion, or destruction.
- Availability: We ensure the timely and uninterrupted access to information and information systems, mitigating the risk of disruptions or outages that could impact business operations.
- Awareness and Training: We provide ongoing awareness and training programs to our employees, contractors, and other relevant parties to enhance their understanding of information security risks and their roles and responsibilities in safeguarding information assets.
- Incident Management: We promptly detect, respond to, and mitigate information security incidents, minimizing the impact on business operations and stakeholders.
- Continual Improvement: We continually monitor, review, and enhance our Information Security Management System to adapt to evolving threats, technologies, and business requirements.
- Accountability: We hold all employees and stakeholders accountable for complying with this Information Security Management System Policy and supporting the organization’s information security objectives.
This policy is communicated, understood, and implemented throughout the organization, and it is reviewed periodically to ensure its ongoing suitability, adequacy, and effectiveness.
View Signed Policy
X
