| About us >> Model Corporate >> Information Security |
|
|
|
| Information Security |
|
Mindlogicx Infotech Limited is an ISO 27001:2005 certified company. Information security is beneficial not only to the organization implementing it but it also adds to the security of all data and information provided by clients. |
|
“Information is an asset that, like other important business assets, is essential to an organization’s business and consequently needs to be suitably protected.” |
| |
| What is ISMS? |
|
ISMS is the Information Security Management System. Like QMS (Quality Management System), ISMS also strongly follows PDCA (Plan-Do-Check-Act) cycle to establish a Management System for Information Security. A management system is a system to firstly establish the policy and objectives and as a second step, to achieve those objectives. |
|
Management systems are used by organizations to develop their policies and to put these into effect via objectives and targets using: |
|
|
Organizational structure |
|
|
Processes and associated resources |
|
|
Measurement and evaluation methodology |
|
| |
Review process to ensure problems are corrected and opportunities for improvement are recognized and implemented when justified |
|
|
Why is information security required? |
|
Information is globally accepted as being a very important asset for any organization and business. As such, the confidentiality, integrity and availability of vital corporate and customer information may be essential to maintain competitive edge, cash-flow, profitability, legal compliance and commercial image. It is easy to imagine the consequences for an organization if its information is lost, destroyed, corrupted, burnt, flooded, sabotaged or misused. In many cases it can lead to the collapse of the organization. |
|
The objectives of information security policy at Mindlogicx are: |
|
|
To protect the proprietary software code |
|
|
| |
To provide a secure environment for handling of the code during its processing |
|
|
To protect information provided by customers |
|
| |
To provide confidence to the customers where information needs to be handled, processed or developed |
|
|
To popularize the information security among the staffs by providing training |
|
|
To control the security incidents by a comprehensible way of handling |
|
| |
To comply with legislative and contractual requirements |
|
|
We, at Mindlogicx, live up to the trust reposed on us by our stakeholders. We understand that this trust is to a large extent dependent upon safeguarding the information assets we acquire and process during the course of our business. Our Information Security Management System is to ensure that all the information assets are secured to appropriate levels of protection, with respect to their confidentiality, integrity and availability perspectives. The levels of protection and the extent of security controls are determined by our Risk Management processes, which are built into our ISMS. We are also committed to provide essential services to concerned stakeholders in the event of any unexpected major interruption, in accordance with our Business Continuity Management Program, which is part of our ISMS.
Our ISMS ensures compliance to regulations and legal requirements that are applicable to our organization. It is very important that all employees realize and execute their security responsibilities in their functions. Our ISMS provides the requisite policies and procedures that help them do so. |
|
The management of Mindlogicx takes it as its responsibility to effectively communicate the importance of compliance and implemention of the security policy throughout the organization worldwide. All employees are encouraged to imbibe this policy in their value system and apply the same in their day to day activities, both within and outside the work place. |
| |
| What is being protected? |
|
| Information security deals with the protecting the confidentiality, integrity and availability of information. |
|
Confidentiality of information is meant to ensure that information can be accessed only by people who have been authorized to do so. |
|
| Integrity of information means protecting the accuracy and completeness of information and the methods used to process it. |
|
Availability of information means ensuring that authorized users have access to information and associated assets when required. |
|
| Mandatory Structure of the ISMS27001 standard: |
|
|
Information Security Management System |
|
|
|
Management Responsibility |
|
|
|
Internal ISMS Audit |
|
|
|
Management review of the ISMS |
|
|
|
ISMS Improvement |
|
|
| |
|
| |
| Process Approach |
|
A process approach encourages its users to emphasize the importance of |
|
| |
Understanding business information security requirements and the need to establish policy and objectives for information security |
|
| |
Implementing and operating controls in the context of managing an organization’s overall business risk |
|
|
|
Monitoring and reviewing the performance and effectiveness of the ISMS |
|
|
Continuous improvement. |
|
|
Information Security Policy Statement |
|
Mindlogicx Infotech Limited understands that the trust of the client in us depends on how well we keep their personal, business and account information secure. Our Corporate Information Security Program is comprehensive and proactive to ensure the information is secure at any point of time. Mindlogicx is ISO 27001:2005 certified and follows international standards set under Information Security Management System (ISMS) policy guidelines. |
| |
For further details on information security or consultation on information security within your organization, please contact us at consultancy@mindlogicx.com |
