INFORMATION SECURITY APEX POLICY
Ishpi Information Technologies, Inc. (DBA ISHPI) is committed to achieving information assurance by protecting and safeguarding the confidentiality, integrity, and availability of information assets of its customers, employees, suppliers, and other stakeholders while carrying out the ISHPI business in the field of Information Operations, Engineering and Technical Services, IT and Cybersecurity Services, System and Software Engineering, and Training and Consulting.
ISHPI’s achievement of information assurance will be accomplished through its Information Security Management System (ISMS) by the effective implementation of requirements and security controls as defined in ISO 27001:2013 Standard, ISHPI’s Information Security Polices, Applicable Legal and Regulatory requirements, and also by ensuring fulfillment of customer related information security requirements. ISHPI will continually improve upon its Information Security Management System performance and will review its information security objectives on a periodic basis.
ISHPI commits to:
- Clearly understanding the information security requirements and expectations of our customers and relevant regulatory authorities.
- Protecting its people, information, intellectual property, assets, activities and facilities against misuse, loss, damage, disruption, interference, espionage, or unauthorized
- Developing and maintaining security policies and controls designed to meet the requirements of ISO 27001:2013 Standard.
- Establishing specific information security objectives driven by business needs and customer
- Ensuring all ISHPI employees share responsibility for effective information
- Implementing an Information Security Management System (ISMS) and ensuring it is maintained, continually improved, and supported with adequate
- Enhancing information security assurance through the continuous investment in technology, processes, and employee training.
Effective: _08/27/2020
Earl D. Bowers
President | Chief Strategy Officer