Security Policy

The Confidentiality, Integrity and Availability of information are of great importance to the operation and administration of Akeo.

Failure in any of these areas can result in disruption to the services that it provides to clients as well as loss of confidence by existing and potential clients and business partners. The security of information and other assets is therefore regarded as fundamental to the successful operation of the organization.

Adherence to this policy shall help protect organization’s data and information from information security threats, whether internal or external, deliberate or accidental.

Akeo is committed to good information security provision for its clients, employees and business partners through implementation of this policies and ither topic specific policies.

It is our commitment –

  • Ensure that information is accessible only to those authorized to have access;

  • Safeguard the accuracy and completeness of information and processing methods;

  • Ensure that authorized users have access to information and associated assets when required;

  • Address the security of services and processes in scope to ensure that risks are identified, and appropriate controls are implemented and documented;

  • Provide a secure working environment for employees, and other stakeholders;

  • Produce business continuity and incident response plans for strategic IT and information services, which shall be maintained and tested on a regular basis;

  • Require all consultants, associates and third parties working on our behalf to ensure that the Confidentiality, Integrity and Availability requirements of all business systems are met; and

  • Promote information security awareness and provide appropriate information security training to our employees using our information systems.

  • Ensure that all regulatory, legislative, contractual and customer requirements are met.

Policy Objectives

The objective of the Information Security Policy is to minimize business damage by preventing and managing to an acceptable level the impact of information security incidents.

Our objectives

  • Ensure 100% availability of our information systems to our customers.

  • Ensure there are no (Zero) incidents that affect confidentiality and integrity of information.

  • All (99%) employees are provided with awareness trainings in information security

  • Ensure compliance (100%) to legal, contractual and other regulatory compliance requirements.

  • Ensure that topic specific policies are established, and monitored for compliance through internal audits.

These objectives are measured, monitored, and reported monthly.

Communication of Information Security Policy

The information security policy shall be available to all stakeholders

The latest version of the policy shall be accessible to all employees on intranet portal. The policy shall also be communicated to the key stakeholders, business partners, suppliers, vendors as part of corporate communications as and when required.

During induction, a session shall be conducted for new joiners of Akeo to understand the objective and create awareness about ISMS.

Breach of Information Security Policy

All breaches or incidents of information security shall be reported by email or by verbal communication to the Information Security Manager or to functional head of respective function/department.   Information security manager shall record such incidents and it shall be investigated by appropriate authority. Any violation, non-adherence to the policy shall be viewed seriously and liable for disciplinary action including termination of employment or contract.

All Department Heads, information security forum are responsible for implementation of the information security policy within their areas and for ensuring the adherence to the policy by their staff.