Wasl understands and recognises the importance of “information” to its business operations and hence is committed and obliged to provide its customers, stakeholders, business partners and employees a secure information processing environment.
The management at Wasl is highly committed towards Information Security and intends to achieve security of its information assets based on the three founding principles of Information Security - Confidentiality, Integrity and Availability. Optimum security will be accorded to information assets by classifying them based on their business value and risk exposure to ensure the privacy of Wasl, customer, stakeholder, business partner and employee information, by protecting it against unauthorized access, disclosure and/or loss.
The management at Wasl endeavors to continuously and proactively manage risk to its information and maintain it at an acceptable level through the design, implementation and maintenance of an effective Information Security Management System (ISMS) that adopts industry best practices and standards are based on:
• Security policy, objectives and activities that reflect Wasl and business objectives.
• An approach for implementing security that is consistent with the organizational culture.
• A good understanding of the security requirements, risk assessment and risk management.
• Effective understanding of security needs by all stakeholders.
• Access and distribution of guidance on information security policy and standards to all stakeholders and providing appropriate security training and education, as applicable.
• A comprehensive and balanced system of audit review that evaluates performance in Information Security Management and provides feedback or suggestions to the Management for continuous improvement in security.
“The ISMS will ensure and take into account all necessary business, legal, compliance requirements of the federal, local laws, other regulatory requirements and contractual security obligations as applicable and will instill the need by encouraging and promoting information security awareness among all Wasl stakeholders.”