Information Security Policy

Information Security Policy

Policy Statement

Aliva is highly reliant on information that is captured, stored, processed, and delivered by computers and their associated communications facilities. Such information plays a vital role in supporting business processes and customer services, in contributing to operational and strategic business decisions, and in conforming to legal and statutory requirements. Accordingly, the information and the enabling technology are important assets that must be protected to a level commensurate with their value to Aliva.

Our Information Security Management System (ISMS) is an expression of the Aliva management commitment to these principles. Compliance with the ISMS, and with its supporting policies, standards, practices, procedures, and guidelines, is mandatory for all users of Aliva Information Assets. Aliva management is committed to ensuring that this occurs to satisfy the applicable requirements related to information Security.

Additionally, Aliva’s management is committed to ensuring the continual improvement of the ISMS.

All other supporting Information Security policies, standards, practices, procedures, and guidelines provide the necessary detail to support the operations of the ISMS.

Policy Objectives

The policy supports the following objectives:

  1. Provision of a structured approach to information security management for all customers and stakeholders.
  2. Compliance with the legal and regulatory framework under which our business operates.
  3. Provision of manageable and effective information security controls to ensure appropriate protection of information.
  4. Establishment of an approach to the assessment, management, and treatment of information security risks.
  5. Maintenance of security awareness specifically regarding the scope of the ISMS.
  6. Reporting and investigation of all breaches of information security and suspected weaknesses as per the Improvements and Corrective Action procedures.

Scope Statement

Based on an analysis of the above context, interests of stakeholders, and in consideration of its Products and Services, Aliva has determined the scope of the Information Security Management System as follows:

The supply of ICT products and services that includes:

  1. IT Managed & Co Managed Services
  2. IT Strategy & Roadmap Advice
  3. Cyber Security and Business Continuity Services
  4. Veryfyd Digital Licence Verification and Digital Identity Management
  5. Cloud Services & Solutions
  6. ICT Solution Design
  7. Project Management
  8. Enterprise IT Procurement and lifecycle management
  9. Supply logistics
  10. Marketing for the above services, and
  11. Management of external contractors where Aliva resources are not available.

Aliva’s management is committed to:

  1. Satisfy applicable requirements related to information security, and
  2. Continual improvement of the information security management system.