Security Policy & Framework
Effective Date: June 2021
Security Policy Framework
Policy Statement
Nugi Technologies Nig Limited recognises the critical importance of maintaining robust security measures to safeguard our staff, assets, and critical infrastructure across all operational offices in Calabar, Lagos, Abuja, and London. This Security Policy Framework outlines our commitment to ensuring the highest standards of data management, people management, and resource management, in line with international security standards from 2024 to 2030.
1. Data Management and Handling
Data Protection: Implement stringent measures to protect sensitive data from unauthorised access, alteration, or disclosure, as required by international data protection standards.
Data Encryption: Utilise advanced encryption protocols to secure data transmission and storage, ensuring confidentiality and integrity.
Access Control: Restrict access to sensitive data to authorised personnel only, employing role-based access control mechanisms.
Data Retention: Establish clear policies for data retention and disposal, minimising the risk of unauthorised data exposure.
2. People Management
Employee Training: Provide comprehensive security awareness training to all staff members, ensuring they understand security protocols and their roles in maintaining security.
Background Checks: Conduct thorough background checks on all employees and contractors to mitigate insider threats.
Access Management: Implement strong controls for physical and logical access to facilities, systems, and data, regularly reviewing and updating access privileges.
Incident Response: Establish clear procedures for reporting security incidents and responding promptly to mitigate risks and minimise impact.
3. Resource Management
Asset Inventory: Maintain an up-to-date inventory of all company assets, including hardware, software, and intellectual property.
Asset Protection: Implement physical and logical security measures to protect company assets from theft, loss, or damage.
Vendor Management: Ensure that all third-party vendors and contractors adhere to security standards and guidelines, conducting regular assessments and audits of their security practices.
Business Continuity Planning: Develop and regularly test business continuity and disaster recovery plans to ensure the resilience of critical operations in the event of disruptions.
4. Compliance and Auditing
Regular Audits: Conduct routine security audits and assessments to evaluate compliance with this policy and identify areas for improvement.
Regulatory Compliance: Ensure compliance with relevant international security standards and applicable laws and regulations governing data protection and privacy.
Continuous Improvement: Review and update security policies, procedures, and controls to address emerging threats and vulnerabilities.
Conclusion
Nugi Technologies Nig Limited is committed to maintaining the highest standards of security across all aspects of our operations, from data management to people management and resource management. By adhering to this Security Policy Framework and continuously monitoring and improving our security practices, we will protect our staff, assets, and critical infrastructure, thereby earning our clients' and partners' trust and confidence.
