Skip to content

Tenece

Contact Us

INTEGRATED MANAGEMENT SYSTEM (ISMS, BCMS) POLICY STATEMENT

Tenece Professional Services (‘Tenece’) is a multi-competency enterprise transformation and technology-consulting services firm that specializes in delivering technology solutions to meet the needs of our clients. We combine expertise and capabilities across many industries and business functions to deliver superior value to our clients – both in the private and public sectors and build high performance enterprises. We are also positioned to solve mid-tier problems — the middle of the bell curve where IT managers face a steady diet of technology upgrades, application rollouts and business problems which require resources beyond their own.

Tenece’s fundamental commitment to excellence is evident in everything we do, regardless of how challenging the task is. Our desire is to appreciate and meet the needs of our clients by delivering quality, value-added solutions.

To ensure the preservation of the confidentiality, integrity and availability of our information assets and continuous operations always, the organization has implemented an Integrated Management System (IMS) encompassing the Information Security Management System and Business Continuity Management System (BCMS) in line with the standards of the ISO 27001:2013 and ISO 22301:2019, respectively.

This will be demonstrated by:

  • The setting of policy and the provision of appropriate resources to establish and develop the IMS.
  • A systematic and regular review of the performance of the programme to ensure that information security and business continuity objectives are being met and relevant issues are identified through the audit programme and management processes.
  • A business impact and risk assessment process will be used which is in line with the requirements and recommendations of the standards. The business impact analysis will enable the identification of prioritized activities while the risk assessment and treatment will take place at several levels within the IMS, including:
    • IMS management planning – risks to the achievement of objectives and actions to address them
    • Risk to the confidentiality, integrity, and availability of information assets
    • Risk of disruptions to mission-critical business functions
    • Assessment of the risk of changes as part of the business change management process
    • At the project level as part of the management of significant business change
  • The continual improvement of the IMS and the addressing applicable requirements of the standards.

The IMS policy shall be communicated to all relevant stakeholders and interested third parties.