Information Security Policy
INFORMATION SECURITY POLICY
The top management at LinTech Global, Inc. understands its information security needs and expectations and that of its external constituents including, amongst others, clients, suppliers, regulatory and Governmental departments. The Management recognizes that the disciplines of confidentiality, integrity and availability of information in information security management are integral parts of its functions and view these as their primary responsibility and fundamental to best business practice. To this end, LinTech Global, Inc. has developed this information security policy aligned to the requirements of ISO/IEC 27001:2013 to ensure that its operations:
– Comply with all applicable laws and regulations and contractual obligations.
– Implement Information Security Objectives that take into account information security requirements following the results of security risk assessments.
– Communicate these Objectives and our relative performance to all responsible/affected parties.
– Adopt an information security management system comprised of an ISMS Security Manual and ISMS Security Procedures that provide direction and guidance on information security matters related to employees, customers, suppliers and other parties involved with its work.
– Work closely with customers, business partners and suppliers to establish appropriate information security standards.
– Adopt a forward-thinking approach on future business decisions, including the continual review of risk evaluation criteria that may impact information security.
– Instruct all staff members about the need for and responsibilities of information security management.
– Constantly strive to meet and, where possible, exceed customer expectations.
– Implement continual improvement initiatives, including risk assessment and risk treatment strategies, while making best use of its management resources to better meet information security requirements.
Responsibility for upholding this policy is truly company-wide under the authority of the Information Security Manager who encourages the personal commitment of all staff to incorporate information security as part of their skills and a priority in their daily jobs.