INFORMATION SECURITY POLICY
Redleaf Solutions Limited is an industry leader in the provision of Installation, Monitoring and Technical Support Services for high-tech infrastructure services focused on ELV & Security Solutions, Safety & Protection Solutions, Building Automation Solutions, ICT &Telecommunication Solutions, Energy Management Solutions and Professional Engineering Services to our clients in the construction, governmental, educational, and residential sectors.
Thence, we handle information assets which can take various forms including, but not limited to, data printed or written on paper, stored electronically, transmitted by electronic means, stored on electronic media and spoken in conversations. Information assets may include personal data/activities.
Redleaf Solutions Limited considers the security of information-related assets as fundamental for the success of its business operation.
Therefore, we have committed to implementing, fulfilling, and maintaining an Information Security Management System per the requirements of ISO 27001:2013. This covers the security of processed and stored information concerning clients, business partners and other relevant interested parties associated with the provision of our services.
We are committed to:
- Ensuring information relating to clients, business partners and other relevant interested parties must have adequate safeguards in place to protect it and to ensure compliance with the various applicable regulations, along with protecting our reputation and that of our business partners. Information will be protected from loss of confidentiality, integrity, and availability.
- Respecting the privacy of all our customers, protecting any customer data from outside parties, and ensuring that their requirements are met unless otherwise required to do so by law. To this end, Management is committed to maintaining a secure environment in which to control and process confidential information. We are also committed to the overall continual improvement of the Information Security Management System, including setting, and reviewing security objectives.
- Meeting the needs and expectations of our clients considering all relevant legal, regulatory, and contractual information security obligations
- Ensuring incident management process is established and implemented to ensure that all breaches of information security, actual or suspected are reported and investigated; Risks are mitigated to an acceptable level through a Risk Management framework
- Ensuring appropriate resources are allocated to implement, operate, review, and continually improve the effectiveness of the Information Security Management System.
This policy statement is made available, communicated to all employees, and displayed on the company website for external interested parties to access.
The Top Management has overall responsibility for the maintenance and guidance on the implementation of this policy.