ISMS – Information Security Policy

Sterling International Consulting delivers management consultancy services with information security at the center of business processes to protect information generated within the organization, information acquired during project execution and information stored / transmitted during service delivery.

It is the policy of Sterling to:

  • Ensure confidentiality, integrity and availability of business information.
  • Make details of our policy known to all other interested parties, including external parties where appropriate, and determine the need for communication and by what methods relevant to the business management system.
  • The creation of the ISMS will include listing all information assets and the security risks that may arise for each of the information assets including process / project based approach to information risk management.
  • Comply with all legal requirements, codes of practice and all other requirements(statutory, regulatory, contractual) applicable to our activities; therefore, as a company, we are committed to satisfy applicable requirements related to information security and the continual improvement of the ISMS.
  • Provide required resources including hardware, software, applications, trained and competent staff and any other requirements to ensure these objectives are met.
  • Ensure that all employees are made aware of their individual obligations in respect of this information security policy.
  • Maintain a management system that will achieve these objectives and seek continual improvement in the effectiveness and performance of our management system based on “risk”.
  • Sterling will periodically review its current practices, policies and guidance to recommend any
    changes or improvements to ensure we apply appropriate security measures and continually enhance our information security performance.

This information security policy provides a framework for setting, monitoring, reviewing and achieving our objectives, programmes and targets. To ensure the company maintains its awareness for continuous improvement, the business management system is regularly reviewed by “Top Management” to ensure it remains appropriate and suitable to our business. The Business Management System is subjected to both internal and external annual audits.

Information Security is the responsibility of all employees at Sterling International Consulting.