Information Security Policy

1. Purpose

The purpose of this Information Security Policy is to protect the confidentiality, integrity, and availability of MField MEA’s information assets. This policy outlines the measures and responsibilities required to safeguard our data, including data collected through public questionnaires and stored locally at our headquarters.

2. Scope

This policy applies to all employees, contractors, consultants, temporary staff, and other workers at MField MEA, including all personnel affiliated with third parties. It encompasses all information systems, hardware, software, and data storage facilities located at our headquarters.

3. Information Security Objectives

• Protect information assets against unauthorized access or modification.
• Ensure the availability and reliability of information systems.
• Maintain the confidentiality of sensitive data.
• Comply with legal and regulatory requirements.
• Foster a culture of security awareness within the organization.

4. Security Policies

4.1 Access Control

• Access to data and systems is granted based on business needs and job responsibilities.
• Employees are assigned unique user IDs and passwords, which must be kept confidential.
• Access rights are regularly reviewed and updated as needed.

4.2 Application Security

• All applications used within the organization are assessed for security vulnerabilities.
• Secure coding practices are followed to minimize risks.

5. Roles and Responsibilities

5.1 IT Manager

• Develops and maintains the Information Security Policy.
• Conducts regular audits and compliance checks.
• Provides training and awareness programs.
• Manages security incidents and responses.

5.2 Employees

• Adhere to information security policies and procedures.
• Report any security incidents or breaches to the IT Manager.

6. Compliance and Monitoring

• Regular audits and assessments are conducted to ensure adherence to this policy.
• Monitoring systems are in place to detect and respond to security incidents.

7. Review and Update

This policy is reviewed annually or when significant changes occur. Updates are made to reflect new threats, technological changes, and legal or regulatory requirements.

8. Contact Information

For questions or concerns regarding this policy, please contact:

IT Manager: Khalid Bentaja
Email: [email protected]
Phone: +212 661-247956