Information Security Policy
It is the policy of Xgrid to create, maintain, and continually improve the Information Security Management System and to adhere to Information Security Management System practices in compliance with best practices required for software development and information security needs of the customer.
Xgrid works within the framework of the Local Government while fulfilling the contractual obligation to the client. This is to ensure the protection of its information assets from all threats – internal or external, deliberate or accidental, and natural disasters.
Furthermore, to achieve this objective, Xgrid will ensure the following:
- Business requirements for the availability of information and systems are met.
- Confidentiality, Integrity, and Availability (CIA) of the information is maintained throughout the process flow.
- All legal, regulatory, contractual, and business requirements are met.
- All corporate assets (tangible/intangible) are located in a physically and logically secure environment.
- Risks to all corporate assets (tangible/intangible) are assessed and appropriate contingency and risk mitigation plans are defined against all risks.
- Human resources are provided with a conducive work environment, free from safety hazards.
- All personnel are trained on information security procedures.
- Physical, Logical, and Remote access to all the corporate assets (tangible/intangible), information and physical locations is monitored and controlled.
- Business continuity plans are established, maintained, and tested periodically and updated as needed.