YKK Pakistan seeks to secure information of all forms within the organization against the threats, risks and vulnerability that is targeted at the 3 main components of information and data i.e Confidentiality, Integrity and Availability.YKK Pakistan’s information assets will be protected from all threats that may be attributed to internal, external, deliberate or accidental causes while considering the cost effectiveness and suitability of the remedy at all times.
All staff as well as management is responsible for the implementation of this policy and its supporting policies and documentation related to ISMS.All external parties such as suppliers and vendors are also required to refrain from all possible breaches of information security that has impact on confidentiality, integrity and availability of information. Any such breach will be duly reported and investigated by YKK management. The objective of implementing information security is to ensure business continuity and lessen business damage by minimizing the impact of security incidents and prevent any such occurrence. We are determined to maintain a defined IT security level with continuous improvement to deduct and prevent all kinds of security breaches, and incidents as per YKK Pakistan ISMF Charter.
As per standard, risk assessment for all information assets within the defined scope of Information Security Management System will be conducted and reviewed periodically. All identified risks will be reduced to an acceptable level as approved by the management. YKK PAKISTAN management is committed to comply with all business, legal/regulatory and other applicable requirements.