Embitel was awarded ISO 27001 certification — an International Standard for Information Security Management System issued by external auditors — by TUV Nord. We are ISO27001:2013 certified.This certification verifies the compliance of Embitel’s practices for design, development and testing of Applications, and Embedded Software Products and Services as per the latest Statement of Applicability.
Having the ISO 27001 logo on our company literature is a continual reminder to potential and existing customers that we are a professionally run organization that takes the confidentiality, integrity and availability of their information and our information seriously.
This helps us enhance customer confidence, ensure a secure operating environment, minimize business damage by reducing the impact of security incidents and eliminating the possibilities of reoccurrences of identified security incidents, and to maximize business investments and opportunities.
Embitel’s ISMS Policy:
The Information Security Management System Policy of Embitel is to design, implement and maintain an Information security program that protects the Embitel Application development support systems, services and data against unauthorized use, disclosure, modification, damage and loss. Management is committed to establish an appropriate information security governance structure based on International Standards that enables collaboration and support for information security in business initiatives.
- Objective 1: Establish Security Policy, Standards and Guidelines framework
- Objective 2: Proactive Information Security Risk Management
- Objective 3: Operation Continuity and Disaster Recovery
- Objective 4: Identity and Access Management
- Objective 5: Network and System Security Architecture
- Objective 6: Information Security Awareness Training
The use of ISO 27001 standards translates into the following actions, which safeguard the Confidentiality, Integrity and Availability of information that we hold on behalf of our customers:
- Heightening security awareness within the organization.
- Identifying critical assets via the Risk Assessment.
- Developing a structure for continuous improvement.
- Safeguarding organizational records, which include handling of customer information.