Information Security Policy

It is policy of Evamp & Saanga to create, maintain and continually improve the Information Security Management System and to adhere to Information Security Management System practices in compliance with best practices required for Software development and information security needs of the customer.

Evamp & Saanga works within the framework of the Local Government, while fulfilling the contractual obligation of the client. This is to ensure the protection of its information assets from all threats – internal or external, deliberate or accidental and natural disasters.

Furthermore, to achieve this objective Evamp & Saanga will ensure the following:

  • Business requirements for availability of information and systems are met.
  • Confidentiality, Integrity and Availability (CIA) of the information is maintained throughout the process flow.
  • All legal, regulatory, contractual and business requirements are met
  • All corporate assets (tangible/intangible) are located in a physically and logically secure environment.
  • Risks to all corporate assets (tangible/intangible) are assessed and against all risks appropriate
  • Contingency and risk mitigation plans are defined.
  • Human resources are provided with conducive work environment, free from safety hazards.
  • All personnel are trained on information security procedures.
  • Physical, Logical and Remote access to all the corporate assets (tangible/intangible), information and physical locations is monitored and controlled.
  • Business continuity plans are established, maintained, and tested and periodically and updated as needed.