ISHPI

Information Security Apex Policy

INFORMATION SECURITY APEX POLICY

Ishpi Information Technologies, Inc. (DBA ISHPI) is committed to achieving information assurance by protecting and safeguarding the confidentiality, integrity, and availability of information assets of its customers, employees, suppliers, and other stakeholders while carrying out the ISHPI business in the field of Information Operations, Engineering and Technical Services, IT and Cybersecurity Services, System and Software Engineering, and Training and Consulting.

ISHPI’s achievement of information assurance will be accomplished through its Information security, cybersecurity, and privacy protection — Information security management systems by the effective implementation of requirements and security controls as defined in ISO/IEC 27001:2022 Standard, ISHPI’s Information Security Polices, Applicable Legal and Regulatory requirements, and also by ensuring fulfillment of customer related information security requirements. ISHPI will continually improve upon its Information Security Management System performance and will review its information security objectives on a periodic basis.

ISHPI commits to:

  1. Clearly understanding the Information security, cybersecurity and privacy protection requirements and expectations of our customers and relevant regulatory authorities.
  2. Protecting its people, information, intellectual property, assets, activities and facilities against misuse, loss, damage, disruption, interference, espionage, or unauthorized disclosure.
  3. Developing and maintaining security policies and controls designed to meet the requirements of ISO/IEC 27001:2022 Standard.
  4. Establishing specific Information security, cybersecurity and privacy protection objectives driven by business needs and customer requirements.
  5. Ensuring all ISHPI employees share responsibility for effective information security.
  6. Implementing an Information security, cybersecurity and privacy protection — Information security management system and ensuring it is maintained, continually improved, and supported with adequate resources.
  7. Enhancing information security assurance through the continuous investment in technology, processes, and employee training.

Effective: 11/12/2023

Earl D. Bowers

President | Chief Strategy Officer