Information Security Policy

General Statement

Information is at the heart of our business, and any threat to its confidentiality, integrity, or availability is a direct threat to our business. Information security applies to, and is the responsibility of all staff. The Senior Leadership Team is fully supportive of the need for, and enforcement of, information security policies and standards. The Senior Leadership Team is committed to ensuring that we conduct our activities in such a way that information is adequately safeguarded from potential security threats in order to preserve our competitive edge, cash-flow, profitability, legal, regulatory and contractual compliance, commercial image and help fulfil our strategic objectives. In support of this, we have aligned our approach to information security with the ISO27001
framework.

Aims and objectives

In order to ensure sufficient Information Security at Guru Systems, we shall:-

● Understand the importance of information security, our responsibilities and the consequences of ignoring them, and ultimately the effects of security on Guru
System’s success, and that we all recognise and understand our role in protecting our information assets.
● Ensure that the infrastructure and data management, business continuity, avoidance of viruses and hackers, access control to systems and information security incident reporting processes are followed.
● Identify our role as an employee in delivering this aspect of business risk management.
● Continually work to improve our information security performance and management system through the setting and review of specific objectives.

The Information Security Policy will be reviewed and republished annually or sooner if significant business changes take place.

The Information Security Policy has been approved by the Chief Executive Officer to ensure that all information assets (information in all its forms) are protected and are used in the best interests of the company and its clients.