Information Security Management System Policy

Nalashaa operates an information security management system that ensures

  • Utmost priority for the protection of privacy of individuals while handling the Personal Identifiable Information (PII) and Personal Health Information (PHI)
  • All applicable statutory and regulatory requirements are fulfilled
  • Proper management of the secured business practices across all the stakeholders and suppliers
  • A safe work environment for the employees and stakeholders of the business
  • Security of information in human resource management through awareness and competencies on InfoSec policy adherence
  • Confidentiality, integrity, availability of the data/information in any form
  • Processes are aligned with the international best practices
  • Effective risk management
  • Effective business continuity management
  • Effective incident management system
  • Handling security in client requirements
  • Handling security in supplier management
  • Secured Asset management and asset disposal
  • Handling Controlled and Restricted Access management

We achieve this by establishing and continually improving an Information Security Management System (ISMS) which is based on Risk-based thinking and Business Continuity Strategies that completely and consistently help to meet the client requirements through the deployment of secured processes, people and technologies while conducting the business processes.