Information Security Policy

Secure and reliable handling of own and third-party information, data and systems are vital for all business processes at TCSENS SDN BHD. IT systems are not only used to support processes and increase the efficiency of workflows, but are the key production tools with which TCSENS creates its products and solutions, in the form of projects for developing, maintaining and distributing the products and solutions. Also having high requirements and commitment towards the customer and for the software solutions, products and services to be supplied.

Therefore, it is the management’s responsibility to ensure;

1. Ensure the information security has implemented and complies with the specifications of ISO/IEC 27001 and continually develops it further
2. All breaches of information security, actual or suspected, will be reported to, and investigated by the relevant authorities
3. Information is not disclosed to unauthorized persons through deliberate or careless action
4. Information security education, awareness and training will be made available to staff
5. Business continuity plans are produced, maintained and tested as far as practicable
6. Integrity of information through protection from unauthorized modification
7. Availability of information to authorized users when needed
8. Regulatory, legislative and contractual obligations are met
9. Information is protected against unauthorized access
10. Confidentiality of information is maintained

This policy shall be:

• the framework for establishing and reviewing the COMPANY information security objectives;
• Appropriate to the purpose and the context of the organization and support its strategic direction;
• communicated and understood within the COMPANY and Interested Parties; and
• review for continuing suitability during Management Review.