Information Security Policy

Information is a key

Information is a key asset in our operational processes. Therefore, we at PT Aktuator Cipta Cendekia are fully committed to protecting the information of our clients, partners, and internal company personnel. We adopt the ISO/IEC 27001:2022 standard as a framework to ensure the confidentiality, integrity, and availability of all data we manage.

The following are the main points of our information security policy:

1. We implement an Information Security Management System (ISMS) that refers to the ISO/IEC 27001:2022 standard.
2. Top management representing the organization demonstrates a strong commitment to implementing and maintaining the ISMS, in accordance with the laws and regulations and contractual obligations applicable in the Republic of Indonesia.
3. This security policy will be communicated thoroughly to all employees, contractors, and third parties to ensure easy-to-understand compliance.
4. We continuously improve employee awareness, knowledge, and skills related to information security through training and socialization.
5. The company routinely conducts risk assessments to identify and manage threats and vulnerabilities that could compromise information security.
6. Each employee is fully responsible for protecting information assets and complying with all established policies and procedures.
7. Any potential threats or security incidents must be reported immediately to the Chief Information Security Officer (CISO) or the ISMS team.
8. Violations of this policy will be subject to disciplinary sanctions, including revocation of access rights and actions in accordance with company regulations.
9. We are committed to continuously improving the effectiveness of ISMS through periodic reviews, continuous improvement, and planned enhancements to ISMS in order to achieve compliance, adequacy, and effectiveness of ISMS.
10. This policy statement will be reviewed at least once a year or if there are significant changes that affect our business or technology.