We Safeguard Your Information
Protecting Your Data With Industry-Leading Standards
Contour Software IT Department is ISO/IEC 27001 Certified
ISO 27001 is a leading international standard for Information Security, Cybersecurity, and Privacy protection that helps organizations of all sizes and industries protect their information in a systematic and cost-effective way. By implementing ISO 27001, companies can safeguard their valuable data and demonstrate their commitment to cybersecurity and privacy of information for customers, clients, stakeholders, and partners.
Our Information and Cyber Security Policy
The information assets of Contour IT are protected from all types of threats, whether internal or external, deliberate, or accidental, natural, or catastrophic, such that the confidentiality of information is maintained, integrity of information can be relied upon, availability of information is ensured, and all legal, regulatory, statutory, and contractual obligations are met.
01.
The Information Security Policy is a high-level document and will implement the suitable and appropriate controls to protect or safeguard the information.
02.
Information security policy applies to Information Security functions/resources or services from all Contour Software affiliates.
03.
All workforce members, third-party vendor’s/Contractors, and Interested parties who have access to Contour’s Information must abide by/adhere to the Information Security Policy, policies, processes, and procedures.
04.
Failure to comply with the Information Security Policy(s), processes, and procedures will lead to disciplinary action, as stated in the Employee Handbook(employees) and in accordance with the current Electronic Crime Act, 2016.
05.
Information security education and training/awareness is available to all employees and third-party vendors/Contractors.
06.
Contour conducts an annual risk assessment or when a solution/project is launched for security controls to understand applicability, implementation time, and required investments. Based on the above, exceptions could be obtained, provided suitable compensatory controls are applied to mitigate the risks in the interim period.
07.
Contour’s management is ultimately responsible for implementing the Information Security Management System and is committed to continually improving information security compliances to protect and safeguard the ISMS under the scope of Contour Software Pvt Ltd.
08.
The GRC team is responsible for maintaining, educating, and ensuring compliance with information security policies, processes, and procedures among all workforce members.
09.
The manager of GRC Security is responsible for reviewing and making any changes to the information security policy; however, the changes will be approved by the AVP of IT Governance / Managing Director.
Get In Touch With Us
Email Us
Locations
Karachi | Lahore | Islamabad | Toronto
