Information Security Policy Statement

    We, at GSPANN Technologies, are committed to:
    “Establishing, monitoring, and continually improving safeguards for the confidentiality, integrity, and availability of all our physical and electronic information assets to ensure regulatory, operational, and contractual requirements are fulfilled.”

    Our commitments include:

    Compliance: Ensuring all regulatory, legislative, and contractual requirements related to operations are met.

    Confidentiality: Protecting information to prevent unauthorized disclosure of valuable or sensitive data.

    Integrity: Maintaining the accuracy and completeness of information.

    Availability: Ensuring information and systems are available to meet business and client requirements.

    Awareness and Training: Enhancing employee participation and awareness through regular training programs tailored to emerging threats and best practices.

    Incident Management: Establishing and implementing a robust incident management process to ensure that all information security breaches—actual or suspected—are promptly reported, investigated, and resolved.

    Risk Management: Applying a comprehensive risk management framework to identify, evaluate, and mitigate risks to an acceptable level.

    Continuous Improvement: Continually improving the Information Security Management System (ISMS) to adapt to changing threats, technologies, and business environments.

    Resource Allocation: Allocating appropriate resources for implementing, operating, and reviewing an effective ISMS.

    Third-Party Security: Ensuring that security requirements extend to and are enforced for all third-party vendors, contractors, and partners.

    Data Privacy: Safeguarding personal data in compliance with applicable data protection laws (e.g., GDPR, CCPA).

    Cybersecurity Resilience: Establishing resilience against cyber threats through proactive monitoring, threat intelligence, and preventive controls.

    Roles and Responsibilities
    All stakeholders are responsible for implementing security policies and procedures within their area of operation and ensuring adherence by their team members.

    Disciplinary Measures
    GSPANN shall enforce a formal disciplinary process for employees who violate information security policies and procedures.

    Policy Maintenance
    GSPANN is committed to ensuring that this Information Security Policy is understood, implemented, and maintained at all levels of the organization. It will be reviewed regularly to ensure continued relevance and effectiveness in addressing emerging threats and compliance obligations.