INFOSEC Policy

image INFOGISTIC is highly committed to protect the confidentiality, integrity and availability of information assets from possible threats whether deliberate or accidental that could potentially disrupt business continuity by taking into account all possible measures to ensure that business requirements, regulatory, operational and contractual requirements are fulfilled.

An Information Security Management Systems is established and maintained compliant to ISO 27001 standards. The scope of Information Security Management System is INFOGISTIC Office located at 239 CCA, Phase IV, DHA Cantt, Lahore, Punjab, Pakistan.

Management actively supports Information Security within the company by ensuring that:

  • Information Security Management System (ISMS) is established, implemented & managed within organization through policies, procedures, & guidelines
  • Adequate resources are provided, roles & responsibilities are clearly defined& documented, & training & awareness program is established
  • Information Assets are identified & their associated risks are assessed & evaluated and appropriate measures are implemented in risk treatment planning
  • Backup is maintained for critical data to allow continuity of business without disruption
  • Mechanism for reporting information security incidents is established for timely corrective actions
  • Internal Audits are conducted for effective implementation of ISMS
  • Access to Information Assets is controlled and access rights are reviewed on regular basis to align with changing business needs
  • Employees, contractors and external party users adhere to the established policies and procedures of the organization
  • Appropriate disciplinary actions are taken in case of any security breach
  • Infogistic is in compliant with applicable legislative, regulatory and contractual requirements.

This policy is reviewed for adequacy and effectiveness during Management Reviews and on as needed basis.

Approved By CEO on March 2014