Xyz'S Isms Policy: Objective
Xyz'S Isms Policy: Objective
OBJECTIVE
XYZ's objective of managing information security is to ensure that its core and
supporting business operations continue to operate with minimal disruptions. XYZ shall
ensure that all information that are disbursed or produced by XYZ have absolute integrity.
XYZ shall guarantee that all relevant information are managed and stored with
appropriate confidentiality procedures.
POLICY
• The purpose of the Policy is to protect the organization’s information assets1 from
all threats, whether internal or external, deliberate or accidental.
• Internal Audit Unit has direct responsibility for maintaining the ISMS Policy and
involved with writing and/or managing the development of relevant policies,
procedures and guidelines not limited to information security.
• All managers are directly responsible for implementing the ISMS Policy within
their units, and for adherence by their staff.
The policy will be reviewed by XYZ’s ISMS Forum after a one-year duration for update.