Information Security Management System – ISO 27001 (ISMS)
ZapCom was awarded ISO 27001 certification — an International Standard for Information Security Management System issued by external auditors — by Universal Registrars. We are ISO 27001:2013 certified. This certification verifies the compliance of Zapcom’s business operations as per the latest Statement of Applicability.
The ISMS will provide us with a systematic approach to combating a broad range of security risks to both our own proprietary information assets and those (such as customer data and personal information about employees) over which we have a duty of care. In addition, a formal certificate of compliance with ISO 27001 will enable us to demonstrate to customers, business partners and other stakeholders that we take our information security obligations seriously, hopefully without them needing to conduct their own audits on us.
The management of information risk and security within ZapCom Group
Information risk and security is a complex area to manage. Potential risks to our information assets (particularly the valuable proprietary information in our computer systems and filing cabinets) are difficult to determine and bring under control, especially in ways that don't unduly interfere with our legitimate use of the information.
The most practical and cost-effective way for ZapCom Group to handle its information risk, security, privacy and governance obligations, and to be seen to be doing so, is to adopt an ISMS that complies with the international standard "ISO 27001". An ISO 27001 ISMS comprises a framework of policies and processes to manage our physical, technical and procedural security controls systematically.
Zapcom’s ISMS Policy:
We at Zapcom are committed to maintaining and improving information security within our practices and minimizing both our and our stakeholders’ exposure to data security risks. It is therefore Zapcom’s policy to ensure that:
- The confidentiality of corporate, stakeholder, customer and employee information will be assured.
- Security management requirements will be met or exceeded as required.
- Sensitive information will be protected against unauthorized access.
- The integrity of information will be maintained.
- Information will only be made available to authorized business processes and employees as required.
- Regulatory and legislative requirements will be met.
- Business continuity plans for mission critical activities will be produced, maintained and tested.
- An information security training program will be implemented and made available to all staff.
- All breaches of information security, actual or suspected, will be reported and investigated by company security personnel.
- This applies to all information collected, used or disclosed in the course of commercial activities by ZapCom.
In more detail, the ISMS will be used to:
- Systematically assess the organization's information risks in order to establish and prioritize its security control requirements, primarily in terms of the need to protect the confidentiality, integrity and availability of information.
- Design and implement a suite of security controls, both technical and non-technical in nature, to address any risks deemed unacceptable by management.
- Ensure that our security controls comply with applicable laws, regulations and contracts.
- Operate, manage and maintain the security controls (e.g. using security metrics to measure and improve security performance).
- Monitor and continuously improve information security, updating the controls when the risks change (e.g. responding to novel hacker attacks or frauds, preferably in advance, thereby preventing us from suffering actual incidents!).
Quality Management System – ISO 9001 (QMS)
Our quality philosophy is derived from a simple goal: “to recognize the needs of our customers and to fulfill them”. We will adopt global best-practice standards in the delivery of our services and will maintain an environment of self-evaluation and continuous improvement.
The ISO 9001 certification is a testimony of Zapcom’s quality to potential and existing customers that we are a professionally run organization that maintains quality standards of processes and deliverables.
Zapcom was awarded ISO 9001 certification — an International Standard for Quality Management System, issued by external auditors — by Universal Registrars.
Use of ISO 9001 standards safeguards our quality policy in the following terms:
- Improved quality and service.
- Right first-time approach and On-time delivery.
- Reduced wastage and increased productivity.