Top Management at UDST-ITD are committed to protecting the confidentiality and integrity of all UDST information assets, ensuring availability in accordance with business objectives and in compliance with all statutory, regulatory, and legal requirements. The security of information and other assets is therefore regarded as fundamental for the successful business operation of the organization.
Hence, UDST ITD has adopted an Information Security Management System (ISMS) aligned to the requirements of ISO/IEC 27001:2022 and all applicable legal and regulatory standards encompassing; the information security policies, procedures, and processes to effectively protect data/information of UDST and its customers.
The objectives of the information security program at UDST are to ensure that:
- Confidentiality and Integrity of information are maintained.
- Business requirements for the availability of information are met.
- Information security education, awareness and training are provided to UDST members and relevant external parties
- Applicable regulatory and legislative requirements are always met
- Sensitive data is adequately protected while stored and when in transit, based on organizational requirements.
- UDST is protected from liability or damage through the misuse of information or information systems.
- Information is disposed of in an appropriately secure manner when it is no longer relevant or required
- All security documentation, including departmental procedures and policies, shall be reviewed annually.