Information Security Policy

PP-LAM-SMKI-06 | REV 00, 150523

Management and all employees of PT Proteksi Pradana have a strong commitment to ensuring business continuity and avoiding potential losses that may arise from information security issues. They are determined to protect the security of information from threats to confidentiality, integrity, and availability of information.

For this purpose, the management of PT Proteksi Pradana has established the following policies:

  1. Ensuring that top management, all employees, vendors/suppliers, and insurance partners carry out their duties and responsibilities and maintain information security according to the established procedures.
  2. All mobile devices are protected according to the risks associated with their use.
  3. Protection of information transfer processes and data storage when working both inside and outside the office is carried out to ensure secure working conditions.
  4. Access to work devices and networks is regulated in such a way as to prevent data theft and reviewed according to business and information security requirements.
  5. The application of encryption methods is developed and consistently applied.
  6. Desks, work devices, and other storage media must be clean, locked, or neatly stored to prevent easy access by others.
  7. Ensuring that information transfer processes, information management, information restrictions, and information authorization are carried out with the knowledge/approval of top management.
  8. The use of presentation materials, marketing materials, and props must be free from customer data/information.
  9. Encouraging employees to report any mistakes or information security incidents to the person responsible for information security.
  10. Reporting to top management if client/customer data is used by a third party (with supporting documentation).
  11. Limiting the use of removable media/flash drives, except for specific purposes.
  12. Setting information security objectives and monitoring them.
  13. Declaring commitment to comply with applicable information security requirements and the continuous improvement of the Information Security Management System.