logoBereej Technologies

Information Security Policy

Bereej is committed to safeguarding all its information assets against any loss of confidentiality, integrity, and availability that could impact our finances, operations, legal or contractual obligations, or reputation.

As part of this commitment, Bereej will implement, maintain, and continuously improve the suitability, adequacy, and effectiveness of its Information Security Management System (ISMS).

Our Information Security Objectives

  1. 1

    Ensure confidentiality, integrity and availability of the information assets.

  2. 2

    Any data or information, including but not limited to, organizational information, confidential data, intellectual property, personal data or personally identifiable information (PII) is a valuable asset and must be protected from unauthorized access, sharing, disclosure, modification, loss, damage and destruction.

  3. 3

    Manage information security of all data and information which is created, collected, acquired, stored, retained, processed, transferred, shared, distributed by Bereej, whether it belongs to them or to their customers, is the key towards building trust and confidence.

  4. 4

    Ensure compliance with relevant laws, regulations and contractual obligations related to information security.

  5. 5

    Implement a risk management framework to identify, assess, and mitigate information security risks effectively.

  6. 6

    Enhance the awareness and knowledge of employees regarding information security risks, best practices, and their roles and responsibilities in safeguarding information assets.

  7. 7

    Incorporate security controls throughout the software development lifecycle to ensure the development and deployment of secure applications.

  8. 8

    Ensure privacy and protection of personally identifiable information.

  9. 9

    Anticipate and prevent cyberattacks / cyber incidents.

  10. 10

    Ensure the cyber-resiliency of the information system.

  11. 11

    Protect the customer data in accordance with contractual requirements.

  12. 12

    Ensure that information systems are available and accessible to authorized users when needed, minimizing any potential downtime or disruptions that could impact business operations.

  13. 13

    Ensure the continuous improvement of the Information Security Management System (ISMS) in accordance with ISO/IEC 27001 requirements. Improvement actions are driven through regular monitoring, audits, management reviews, and the treatment of identified risks and opportunities.

Bereej is committed to a culture of security, ensuring that information security is an integral part of our operations and business processes.