Security Policy

Information Security Management System (ISMS) Policy Statement

Last updated: 10/30/2025

ISMS Policy Statement

Top management at Infocusp Innovations understands the Information Security needs and expectations of its interested parties both within the organization and from external parties including clients, suppliers, regulatory and Governmental departments. Confidentiality, Integrity and Availability of information in Information Security Management are integral parts of its management function and view these as their primary responsibility and fundamental to best business practice.

Information security policy is aligned to the requirements of ISO/IEC 27001: 2022; the Infocusp Innovations is committed to:

  • Comply to all applicable laws and regulations and contractual obligations
  • Implement Information Security Objectives that take into account information security requirements following the results of applicable risk assessments
  • Communicate these Objectives and performance against them to all interested parties
  • Adopt an Information Security Management System comprising manual and procedures which provide direction and guidance on information security matters relating to employees, customers, suppliers and other interested parties who come into contact with its work
  • Work closely with Customers, Business partners and Suppliers in seeking to establish appropriate information security standards
  • Adopt a forward-thinking approach on future business decisions, including the continual review of risk evaluation criteria, which may impact on Information Security
  • Ensure management resources to better meet information security requirements
  • Instruct all members of staff in the needs and responsibilities of Information Security Management
  • Constantly strive to meet its customer's expectations
  • Implement continual improvement initiatives, including risk assessment and risk treatment strategies

Responsibility for upholding this policy is company-wide under the authority of the Managing Director who encourages the personal commitment of all staff to address information security as part of their skills.

The policy has been approved by the Directors and is reviewed annually or sooner should a significant change occur in order to ensure its continuing suitability, adequacy and effectiveness.

Core Security Principles

Confidentiality

Ensuring information is accessible only to those authorized to have access

Integrity

Safeguarding the accuracy and completeness of information and processing methods

Availability

Ensuring authorized users have access to information when needed

Contact Information

For questions about our security policy or to report security concerns, please contact:

security@infocusp.com