IS Corporate Policy

GRAFFIQUO ASIA SDN BHD
INFORMATION SECURITY CORPORATE POLICY

Graffiquo Asia Sdn Bhd (GASB) is dedicated to safeguarding its information assets and
maintaining the highest standards of information security. We ensure the confidentiality, integrity,
and availability of critical information, not only to support our operations but also to protect the
trust and data of our customers. Our approach to security aligns with our business objectives,
risk management strategies, and all applicable legal and regulatory requirements. GASB is
committed to continually enhancing our Information Security Management System (ISMS) by
proactively identifying emerging threats and adapting our security controls to address evolving
business needs.
Objectives:

  1. Confidentiality: Safeguard sensitive information from unauthorized access to protect
    both company and customer data.

  2. Integrity: Ensure that all information is accurate, complete, and consistent by
    implementing controls to prevent unauthorized modification.

  3. Availability: Ensure that critical information and systems remain accessible to
    authorized users when needed to support operational eƯiciency and business continuity.

  4. Risk Management: Integrate a robust risk assessment process into our security
    practices, enabling us to identify, evaluate, and mitigate potential security risks.

  5. Compliance: Adhere to all relevant legal, regulatory, and contractual obligations
    concerning information security, such as the Cybersecurity Act 2024 (Act 854) and
    international standards like ISO/IEC 27001:2022.

  6. Continuous Improvement: Regularly review and enhance our ISMS to ensure its
    eƯectiveness, address new and evolving security threats, and adapt to changes in
    business processes and technology.
    INTERNAL USE
    INFORMATION
    SECURITY
    CORPORATE POLICY
    Doc No GASB-P-ISCP-01
    Revision No 00
    EƯective Date 2/1/2025
    Page 3 of 3

  7. Security Awareness: Promote a culture of security awareness across all levels of the
    organization through ongoing training and communication, ensuring that employees
    understand their roles and responsibilities in safeguarding information.
    By adhering to this policy, GASB strengthens its ability to protect information assets, support
    business continuity, and maintain customer trust, positioning the company as a leader in secure
    network solutions.