Information Security requirements for Customers

Information security Policy Statement

Onward Technologies Limited (OTL) understands the Information Security needs and expectations of its interested parties both within the organization and from external parties including clients, suppliers, statutory and regulatory agencies.

Confidentiality, Integrity and Availability of information in Information Security Management are integral parts of its management function.

Information security policy is aligned to the requirements of ISO/IEC 27001: 2013; the Company is committed to:

The implementation of this policy is important to maintain confidentiality, integrity and availability of OTL’s information assets.

OTL shall strive to ensure that:

• Information will be protected against unauthorized access.
• Confidentiality of information will be maintained.
• Information will not be disclosed to unauthorized persons through deliberate or careless action.
• Integrity of information through protection from unauthorized modification.
• Availability of information to authorized users when needed.
• Regulatory and legislative requirements will be met.
• Business continuity plans will be produced, maintained and tested as far as practicable.
• Information security training will be available to all employees.
• All suspected breaches of information security will be reported and investigated.
• Risks will be mitigated to acceptable level though Risk Assessment exercises.

Information security requirements for Customers

• Information transfer modes between OTL and Customer shall be approved and agreed by customer and OTL at the time of project award.
• Any specific information security requirement shall be approved and agreed by customer and OTL at the time of project award.
• Information exchange through untrusted freeware should be avoided.
• Sign NDA before sharing information.