>

Information Security Management Policy

Cyfuture India Pvt. Ltd. (CYF-IT) is committed:

To ensure that all the risks associated with its operations while providing the services to the customers are identified, analyzed, evaluated and treated and all applicable requirements (legal/ others) related to information security are in compliance.

To protect our Information Assets from all kinds of threats and vulnerabilities, whether internal or external, deliberate or accidental, taking into consideration, the cost effectiveness and suitability of the countermeasures being deployed.

To continually improve our established information security management system by preserving the Confidentiality, Integrity & Availability of business related information, and to minimize business damage by preventing or minimizing the impact of information security incidents.

It is the Policy of the Organization to ensure that:

  • Confidentiality, Integrity and Availability of information acquired permanently or in transit, provided or created, are ensured at all times.
  • Critical information is protected from unauthorized access, use, disclosure, modification and disposal, whether intentional or unintentional.
  • All breaches of Information Security, actual or suspected, are reported, investigated by the designated personnel and appropriate corrective and preventive actions are taken.
  • All our employees and wherever applicable to third parties eg. Sub-contractors, consultants, vendors etc. are adequately communicated on information security programs.
  • Information security objectives resulting from risk assessment are documented, communicated and monitored for their progress and evaluated for their results.
  • Ensure Risk Assessment and treatment is re reviewed after every six months.

The policy shall be reviewed at periodic intervals (Half Yearly) - to check for its effectiveness and applicability, changes in technology, changes in Risk Levels that may have impact on Confidentiality, Integrity and Availability, legal and contractual requirements, and business efficiency.