Organization Logo

PT Mayar Kernel Supernova

Resources (43)

Here are the important security policies and documents which are a part of PT Mayar Kernel Supernova’s compliance program.

Communications & Network Security Policy

Communications & Network Security Policy aims to ensure the secure management and control of networks, protecting systems and applications from threats.

Asset Management Procedure

Asset Management Procedure outlines a systematic approach for maintaining, handling, and protecting all information assets in line with internal and external security requirements related to the business

Code of Business Conduct Policy

Code of Business Conduct Policy outlines the expected behavior of all staff members, promoting a respectful and collaborative work environment.

Business Continuity & Disaster Recovery Policy

Business Continuity & Disaster Recovery Policy provides guidelines to ensure the continuity of operations and recovery during disasters.

Cardholder Data Management Policy

Cardholder Data Management Policy outlines guidelines and procedures for securely handling and protecting payment card data in compliance with Payment Card Industry (PCI) Data Security Standards (DSS).

Data Breach Notification Policy

Data Breach Notification Policy outlines procedures for promptly notifying individuals and authorities in the event of a data breach.

Data Classification Policy

This policy outlines a framework for categorizing data based on sensitivity and value to ensure proper access controls and protection of critical corporate information.

Endpoint Security Policy

Endpoint Security Policy outlines measures to protect an organization's production systems and critical data from unauthorized access via information systems accessed by internal and external users.

Acceptable Usage Policy

Acceptable Usage Policy outlines proper use of company systems, tools, equipment and data to protect critical information.

Access Control Policy

Access Control Policy ensures that access to company assets is controlled based on business and security requirements.

Data Retention Policy

Data Retention Policy outlines procedures for managing the organization's data and business information.

Asset Management Policy

Asset Management policy outlines guidelines for the classification, protection, and responsible handling of company assets at all stages of their lifecycle.

Access Control Procedure

Access Control Procedure establishes a comprehensive framework for managing user access and controlling access to assets and information systems both within and outside the organization.

Encryption Policy

Encryption Policy outlines the guidelines for encrypting data at rest and in transit to enhance data security for the company.

Data Protection Policy

Data Protection Policy outlines the measures to safeguard personal information and comply with data protection laws, business requirements, local regulations, and contractual obligations.

HR Security Procedure

HR Security Procedure ensures secure handling of employee information and company assets that the employee has access to, throughout their employment lifecycle.

PHI Data breach Notification Procedure

PHI Data Breach Notification Procedure outlines steps to promptly notify affected individuals and regulatory authorities in the event of a breach of Protected Health Information (PHI), ensuring compliance with HIPAA regulations

Cloud Security Policy

Cloud Security Policy outlines guidelines for maintaining a secure cloud environment, specifying requirements for third-party Cloud Service Providers, covering aspects like logical data segregation, log collection, encryption, access control, incident management, and compliance certifications.

Incident Management Policy

Incident Management policy establishes measures for promptly identifying, reporting, assessing, and responding to information security incidents within the company's scope.

Business Continuity Plan

Business Continuity Plan outlines procedures to ensure the organization's resilience in the face of extended service outages caused by factors beyond control.

HR Security Policy

HR Security policy establishes measures to safeguard company information and assets with respect to the employment lifecycle of staff members, from recruitment to termination.

Compliance Policy

Compliance policy ensures adherence to regulatory and legal requirements, encompassing statutory, regulatory, and contractual obligations.

Personal Data Breach Notification Procedure

Personal Data Breach Notification Procedure ensures compliance with the General Data Protection Regulation (GDPR) by outlining steps for promptly notifying affected individuals and relevant authorities in the event of a breach.

Incident Management Procedure

Incident Management Procedure provides a structured framework for addressing internal and external incidents impacting information security systems.

Network Security Procedure

Network Security Procedure outlines measures to safeguard networks, including how the organization interacts with cloud services and external environments such as vendor and customer systems, against unauthorized access and data breaches.

Media Disposal Policy

This policy ensures the secure disposal of electronic and physical media to prevent unauthorized access to critical data and demonstrate ongoing data protection.

Risk Assessment & Management Policy

Risk Assessment & Management Policy outlines the systematic approach adopted by the company to identify, prioritize, and manage risks impacting its commitments based on business requirements.

Physical and Environmental Security Procedure

Physical & Environmental Security Procedure aims to safeguard sensitive information and prevent unauthorized access to physical spaces and assets.

Organization of Information Security Policy

Organization of Information Security Policy establishes a governance framework for information security roles, responsibilities, and authorities within the organization.

Operation Security Policy

Operational Security policy ensures the secure processing of production infrastructure, including change management and backups, to maintain the availability of services.

Operations Security Procedure

Operations Security Procedure outlines guidelines to ensure the operational security of services provided by the company.

Compliance Procedure

Compliance Procedure outlines methods for managing regulatory and legal compliance requirements within the scope of the Information Security Management System (ISMS)

Privacy By Design Policy

Privacy By Design Policy emphasizes integrating privacy considerations into all aspects of product and service design, development, and maintenance throughout their lifecycle.

Physical & Environmental Security Policy

Physical & Environmental Security Policy outlines guidelines for managing security aspects related to infrastructure and workspace environments arising from physical and environmental threats.

SDLC Procedure

Software Development Lifecycle Procedure outlines the process for developing software products, defining the roles and responsibilities of the engineering team

Vendor Management Policy

Vendor Management Policy outlines guidelines for managing vendor relationships critical to the operational integrity and data security of the company.

System Acquisition and Development Lifecycle Policy

System Acquisition & Development Lifecycle Policy outlines guidelines to ensure that software development and acquisition related activities adhere to integrated information security considerations throughout the lifecycle.

Information Security Policy

Information Security policy establishes guidelines for safeguarding various information system assets, including organizational, client, and other relevant assets.

Vendor Management Procedure

Vendor Management Procedure outlines how the organization manages relationships with third-party vendors critical to its operations, including assessing and managing vendor risks.

ISMS Information Security Roles & Responsibilities

ISMS Manual

System Description

ISMS Scope Document