Information Security Policy Statement & Objective

​

The goal of managing information security is to ensure that its core and supporting business operations continue to run smoothly.

In accordance with its strategic business objectives, Senior Management is committed to an effective Information Security Management System.

"Megmo commits to protecting its information assets from all threats in order to maintain information confidentiality, rely on information integrity, ensure information availability, comply with legal, regulatory, statutory, and contractual obligations, and ensure ongoing improvements toward an organization-wide Information Security Management System."

Information Security translates to preservation of the following goals:

1. Confidentiality: Assurance that information is only accessible to those who have been granted access.

2. Integrity: Assurance of the completeness and accuracy of information and the methods used to process it; and

3. Availability: Ensure that authorized users have access to information and related assets when needed. This is accomplished through regular hardware maintenance, updated and monitored operating systems, redundant critical resources, IS business continuity management, capacity management, and other information security measures that we implement.

 

Information Security Objectives

Megmo shall:

​

1. To safeguard an organization's information and information systems from numerous internal and external threats, develop and implement an information security management system (ISMS).

2. Make a commitment to abide by all legal, regulatory, and business standards.

3. Assure the security, availability, and integrity of information assets.

4. When appropriate, inform staff members and other interested parties of any relevant security policies.

5. Using an appropriate risk assessment, identify the information assets and gain an understanding of their weaknesses and the risks that could put them at risk.

6. As stated in the risk treatment strategy, make sure that recognized risks are adequately controlled to reduce them.

7. Ensure that every employee receives annual information security awareness training.

8. Provide the necessary access restrictions to safeguard against unwanted access.

The goal of the Megmo Information Security Policy is to offer a risk-based framework for safeguarding Megmo's information assets. It is applicable to every vendor, contractor, and employee of Megmo.