1. Purpose
The purpose of this Information Security Management System (ISMS) policy is to define JEB Ltd’s commitment to protecting the confidentiality, integrity, and availability of its information assets. This policy establishes the framework through which information security is managed across the organisation, ensuring that risks are identified and controlled in alignment with business objectives, legal obligations, and stakeholder expectations. It supports the implementation and continual improvement of the ISMS to safeguard critical
data, maintain customer trust, and ensure operational resilience.
2. Policy Statement
JEB Ltd strives to maintain an adequate level of information security for the benefits of its employees/users, regulatory bodies, clients, third parties (service providers/contractors). It has therefore implemented an Information Security Management System (ISMS) in line with the international standard for information security, ISO 27001:2022.
In line with its strategy, JEB Ltd commits to:
- Communicate and enforce its ISMS Policy at all levels of the organisation and make it available to all its interested parties by sending an email and update where necessary.
- Comply to all applicable laws and regulations, contractual obligations, and requirements of ISO 27001:2022.
- Adopt a risk management approach to identify and continually assess and treat information security risks.
- Ensure confidentiality, integrity, and availability of relevant information in all its processes.
- Secure its information assets defined in the Information Asset Inventories against unauthorised access and modification.
- Ensure business continuity plans are established, maintained, and tested.
- Provide necessary resources to maintain the ISMS.
- Maintain an effective and efficient ISMS based on the requirements of ISO 27001:2022 and seek its continual improvement.