Information Security Policy

AMITA has in place a robust information security management system and adheres to relevant information security laws and regulations to protect its information assets and retain the trust of the public.

AMITA has in place internal rules based on this Policy that define how to handle and manage its information assets. The rules are also intended to inform internal and external stakeholders of AMITA's determination to take disciplinary action against any unauthorized disclosure of information.

AMITA has in place a secure information system that safeguards its information assets against unauthorized, whether intentional or accidental, access, leakage, tampering, loss, destruction, or obstruction.

AMITA trains all its officers and employees in information security on a regular basis to help them acquire and exercise information security literacy at work.

Before signing agreements with subcontractors, AMITA assesses their qualification thoroughly. AMITA includes in agreements with subcontractors a clause demanding that they meet information security requirements equally or more stringent than those met by AMITA.

AMITA conducts regular internal audits to ascertain whether its officers and employees adhere to this Policy and other information security regulations and rules. AMITA uses audit findings to identify and address issues with its information security management practices.

The information assets governed by this Policy refer to information that AMITA acquires or comes to learn in business, as well as all business information in its possession. All AMITA officers and employees must adhere to this Policy when handling and managing these information assets.