Heptagon firmly believes Information is a business asset of substantial value and needs to be safeguarded against threats that could potentially disrupt business continuity. Intent of this statement is to provide a mechanism to establish procedures to protect against security threats and minimize the impact of security incidents.

THE CHIEF EXECUTIVE OFFICER HAS APPROVED THE INFORMATION SECURITY POLICY

THE PURPOSE of this Policy is to protect the information assets from all threats, whether internal or external, deliberate or accidental.

THE POLICY SCOPE covers Physical Security and all forms of Information Security such as data stored electronically, transmitted across networks, printed or written on paper, stored or spoken in conversation or over the telephone.
All personnel holding leadership positions are directly responsible for implementing the Policy within their functional areas, and for adherence by their staff. It is the responsibility of each employee to adhere to the policy. Disciplinary processes will be applicable in those instances where staff fails to abide by this security policy.

IT IS THE POLICY OF HEPTAGON TO ENSURE THAT

● Information will be protected against unauthorized access
Confidentiality of information will be assured
Integrity of information will be maintained
Regulatory and legislative requirements regarding Intellectual property rights, Data protection and privacy of personal information are met
Business continuity plans will be established, maintained and tested
● Staff & interested parties shall receive sufficient Information Security training
All breaches of information security, actual or suspected are reported and investigated by the Information Security Review Team
● Information Security Management System is measured and monitored for continual improvement and its effectiveness