Information Security Policy

Responsibly is committed to maintaining the highest standards of information security by complying with all applicable legal, regulatory, and contractual requirements related to the protection of information assets. We pledge to continuously monitor and review our security practices to ensure they meet or exceed the requirements set forth by relevant standards and regulations. This commitment extends to all employees, partners, and stakeholders, who are expected to adhere to our information security policies and procedures, ensuring the confidentiality, integrity, and availability of our information assets are always protected.

Our organization is committed to supporting and continuously improving our Information Security Management System (ISMS).

In support of this commitment, our organization will:

Establish and Maintain a Comprehensive Information Security Policy: We will develop, implement, and continually update a set of policies that aligns with industry standards, regulatory requirements, and the organization's strategic objectives.

Define and Communicate Security Objectives: Measurable security objectives will be set to support our strategic goals, with clear communication to all relevant stakeholders to ensure alignment and understanding.

Allocate Necessary Resources: We will provide the financial, technological, and human resources required to effectively implement and sustain our Information Security Management System (ISMS).

Enhance Employee Awareness and Training: All employees will receive ongoing support and training to understand their information security responsibilities and to contribute to a secure working environment.

Foster a Culture of Security: A proactive security culture will be promoted throughout the organization, encouraging all individuals to prioritize and actively participate in the protection of information assets.

Commit to Continuous Improvement: We will regularly review and refine our information security policies, procedures, and controls to ensure their effectiveness and relevance, staying responsive to emerging threats and changes in the regulatory landscape.

Implement Robust Risk Management: A comprehensive risk management framework will be employed to identify, assess, and mitigate information security risks. Appropriate controls will be applied based on regular risk assessments.

Ensure Effective Communication: Open and effective communication channels will be maintained to keep all stakeholders informed about our information security policies, procedures, and any updates or changes.

Support Information Security Management Roles: We will empower relevant management roles by providing the necessary authority, resources, and guidance to ensure they can effectively fulfil their responsibilities in maintaining the security of our information assets.