Information Security Management System (ISMS) Policy

1. Purpose

IAMPL Solutions Private Limited ("IAMPL") is committed to ensuring the confidentiality, integrity, and availability of all information assets. This policy defines our approach to managing information security in line with ISO/IEC 27001.

2. Scope

This policy applies to all IAMPL employees, contractors, vendors, and third parties who access IAMPL's information assets or systems, in any form—digital, physical, or verbal.

3. Information Security Objectives

• Protect information from threats
• Ensure secure operations
• Comply with legal and customer obligations
• Promote security awareness
• Handle incidents effectively

4. Policy Commitments

• Implement and maintain an ISMS
• Comply with legal and contractual obligations
• Assess and manage risks
• Allocate resources for ISMS effectiveness
• Review controls regularly
• Train personnel on security best practices
• Report and investigate incidents promptly

5. Roles and Responsibilities

• Top Management: Lead and support the ISMS
• ISMS Manager: Manage risks and oversee ISMS operations
• Employees & Contractors: Follow policies and report incidents

6. Continuous Improvement

IAMPL commits to continuously improving the ISMS through audits, reviews, and lessons learned from incidents and assessments.

7. Policy Review

This policy is reviewed annually or when significant changes occur in business, legal, or security environments.

Contact