The aim of the Information Security Policy is to establish overarching policies and principles governing information security at Safe Truck Sdn. Bhd. (STSB). These guidelines are implemented to safeguard both the employees and the organization. Improper usage can subject STSB to various risks, such as virus attacks, compromise of network systems and services, and legal complications. All information assets associated with the systems must be shielded from potential risks, whether they arise internally or externally, intentionally or accidentally. This is crucial in preventing or mitigating the consequences of information security incidents or breaches to ensure the protection of business, uphold reputation, and safeguard personnel.
An effective Information Security management entails the following:
- Legal, statutory, regulatory, legislative and contractual obligation and requirements in supporting system’s operations must be met.
- Information security must be managed through STSB’s information security risk assessment and management methodology. This shall include the criteria for risk acceptance and the acceptable level of risk.
- Policies, procedures and guidelines must be made available to support STSB’s IS Policy.
- Management must be directly responsible for implementing STSB’s IS Policy within the department, and for adherence by their subordinates.
- Any related parties including business partners, vendors, contractors and third-party users must only have access to STSB’s information as stipulated in a nondisclosure agreement (NDA) with STSB.
- Each employee must be responsible in protecting respective information assets against unauthorized access, disclosure, modification, destruction and interference, as well as executing all relevant processes and activities.
- Each employee must adhere to STSB’s IS Policy and its supporting policies, procedures and guidelines.
- Any employee found to have violated this policy or its supporting policies, procedures and guidelines shall be subjected to disciplinary actions as stipulated in STSB’s Information Security Guidelines and Policy.
- STSB is committed to strive for continual improvement of its Information Security Policy to align with the requirements of the Information Security Management System (ISMS).