Information Security Policy

Libyan Spider, through its Risk Management Framework, is committed to maintaining its Information Security and establishing an appropriate level to protect, maintain and control confidentiality, integrity, availability, and access to its business and classified information, systems, and supporting assets.

Purpose and Scope

Libyan Spider’s Information Security policy is in line with the corporate mission and vision. and aims to achieve the following:

  • Information will be protected against any unauthorized access.

  • The confidentiality of information will be assured.

  • The integrity of the information will be maintained.

  • The availability of information for business processes will be maintained.

  • Legislative and regulatory requirements will be met.

  • All actual or suspected information security breaches will be reported and will be investigated.

  • Procedures exist to support the policy.

  • Compliance with the information security policy is mandatory.

Applicability

This policy applies to all functional areas within Libyan Spider that fall into the Information Security Management System (ISMS) scope and required regulatory compliances.

Information Security Policy Statement

The Information Security Policy statement is as follows:

“Libyan Spider commits to protect Business and Personal Information against unauthorized access, assuring confidentiality of information, the integrity of information, availability of information, together with information security requirements for business continuity.”

Implementation

Management of Libyan Spider, through the Information Security Governance Committee, shall provide the leadership, commitment, and resources for creating a culture of continuous improvement and support of this policy through the following objectives:

  • Anticipate and control risks affecting the confidentiality, integrity, and availability of Libyan Spider assets through the use of a Risk Management Framework which shall ensure measurable, appropriate and cost-effective controls are in place to mitigate identified risks.

  • Consider technology, strategic, operational and other risks that may have adverse effects on the Organization and its ability to fulfill its strategic, business, legal and contractual obligations.

  • Protect the information and assets involved in Libyan Spider’s key business processes and activities within the scope of the ISMS to ensure their continuity in the event of disruptions and disasters.

  • Deploy a cross-functional security network to address various security, risk, audit, and other activities to ensure that the ISMS remains in line with business, strategic, and regulatory requirements without hindering productivity or workflow.

  • Establish an Information and Cyber Security program to protect against unauthorized access and cyber intrusion of those digital computer systems, communication systems, and networks.

© Copyright 2022. Libyan Spider, Ltd.