Information Security Management Policy Statement
Information security management system is integral to Kerry Logistics’ operation. We strive to assure integrity of all information we disseminate, produce, manage or store, which is duly handled through sound confidentiality procedures. This policy aims to protect our information assets from any internal, external, deliberate or accidental threats. To pursue the policy, we shall:
- ensure that all information, including internal, third party, personal and electronic data, is treated with complete confidentiality;
- maintain integrity of all such information;
- ensure that our information system and the information contained meet the needs of our core and supporting business operations;
- comply with all applicable statutory and regulatory requirements;
- safeguard security of our information assets through effective business continuity management;
- make information available to staff and the public with minimum disruption;
- increase staff awareness of information security management through education and training;
- perform reliable access control to protect our information system against unauthorized access.
Under this policy:
- All breaches of information security, actual or suspected, will be reported to and investigated by authorized persons including System Administrator and Incident Investigator;
- Information Security Management Committee is responsible for documenting and maintaining the Information Security Management System;
- Information Security documents not limited to Policies, Procedures and Guidelines will be made available in both hardcopy and online format through an intranet system to support the ISMS Policy;
- All managers shall implement the policy within their units and ensure that every staff member adheres to the policy.
This policy has been approved by the Global Executive Committee. It will be reviewed, and if necessary revised, annually to keep up to date and will be released on our company website. We welcome interested parties’ comments on the enforcement of the policy and the policy itself.