AFITCO FOREIGN TRADE MARKETING INDUSTRY AND TRADE INC. INFORMATION SECURITY POLICY

AFITCO Foreign Trade Marketing Industry and Trade Inc. and its affiliated brands (AFITCO) consider corporate and personal information belonging to itself and its stakeholders as critical assets. All AFITCO employees and stakeholders must continuously and effectively protect information systems and physical workspaces that contain corporate information against threats.

The purpose of information security is to ensure that all types of information belonging to AFITCO and/or its stakeholders are accessible only to authorized individuals, stored completely and accurately, and available when needed. Additionally, due to the nature of AFITCO’s operations, it aims to prevent any material or moral damages resulting from security vulnerabilities and to mitigate their potential impact.

Regardless of their positions or responsibilities, all AFITCO personnel and third parties who have access to AFITCO’s information systems and data are required to comply with the information security policies and procedures established by AFITCO.

AFITCO expects all employees and stakeholders to adhere to the following principles:

  • Full compliance with the requirements of the Information Security Management System established and maintained within AFITCO.
  • Ensuring the confidentiality, integrity, continuous availability, and control of AFITCO’s information and information systems.
  • Limiting risks arising from the loss, corruption, or misuse of AFITCO’s information assets.
  • Reporting any suspected information security vulnerability or incident related to AFITCO to the Information Security Incident Manager.

The Information Technology Department is the functional owner of policies and procedures that define information system operations and is committed to ensuring their proper implementation at AFITCO. Department managers are primarily responsible for implementing necessary measures and monitoring activities to ensure compliance with corporate information security policies and procedures within their respective units.

Violations of corporate information security policies and procedures are also considered ethical breaches and may result in disciplinary action. Information security violations identified through supervision, audits, or reports may lead to disciplinary measures, including termination of employment.

AFITCO is committed to meeting applicable information security requirements and continuously improving the Information Security Management System it maintains.