Sign In

Security Policy

The objective of managing information security is to ensure that its core and supporting business operations continue to operate with minimal disruptions.

 

The Senior Management is committed to an effective Information Security Management System in accordance with its strategic business objectives.

 

“Sahla Enterprises commits to protect its information assets from all threats in order to maintain the confidentiality of information, rely upon the integrity of the information, ensure availability of information, comply with legal, regulatory, statutory and contractual obligations and ensure continual improvements towards organization wide Information Security Management System”

 

Information Security translates to preservation of the following goals:

1.     Confidentiality: Assurance that Information is accessible only to those authorized to have access.

2.     ntegrity: Assurance of the completeness and accuracy of Information and its processing methods; and

3.     Availability: Assurance that authorized user has access to Information and associated assets when required. This is ensured by regular maintenance of hardware, updated and monitored operating systems, redundant critical resources, IS business continuity management, capacity management and other information security measures we take.

Sahla Enterprises shall:

      I.        Develop and implement an Information Security Management Systems (ISMS) to protect organization’s information and information systems reasonably and effectively from various internal and external threats.

     II.        Commit to comply with regulatory, legal and business requirements.

   III.        Ensure confidentiality, Integrity, and availability of Information Assets.

   IV.        Communicate all pertinent security policies to employees and other interested parties as applicable.

    V.        Identify the information assets, to understand their vulnerabilities and the threats that may expose them to risk, through appropriate risk assessment.

   VI.        Ensure that identified risks are mitigated through adequate controls as documented in the risk treatment plan.

  VII.        Ensure annual information security awareness training of all employees.

VIII.        Provide appropriate access controls for protection against unauthorized access adaptability.

 

Sahla Enterprises Information Security Policy is designed to provide a risk-based framework for protecting Information Assets of Sahla Enterprises. It applies to all Sahla Enterprises employees, contractors, and vendors