OVERARCHING INFORMATION SECURITY POLICY

 

The Board and Management of Pajuno located at 1A, Madam Cellular Street, Agungi, which operates in the data preparation and card personalisation sector, provides excellent data preparation and card issuance services and is committed to preserving the confidentiality, integrity, and availability of all personal identifiable information, electronic information assets, physical and customer information (including primary account numbers, personal identifiable information, etc.) throughout the organization to preserve its competitive edge, assets, profitability, legal, regulatory, contractual compliance, and commercial image.

Information security requirements are aligned with organizational goals and objectives. The Information Security Management System (ISMS) serves as an enabling mechanism for information sharing, processing, transmitting, storage, threat intelligence electronic operations, e-commerce, intellectual property rights protection, and reducing information, cybersecurity, and privacy-related risks to acceptable levels.

Pajuno’s current strategy and Information Security Management framework provide the context for identifying, assessing, evaluating, and controlling information-related, cybersecurity, and privacy-related risks through the establishment and maintenance of the ISMS. The Information Security Manager is responsible for managing and maintaining the risk treatment plan.

Business continuity, ICT readiness, contingency plans, avoidance of viruses and hackers, access control to systems, and information security incident reporting are fundamental to this policy. All employees of Pajuno are responsible for reporting security, privacy, and cybersecurity breaches.

All employees of Pajuno and related external parties identified in the ISMS are expected to comply with this policy. Staff will receive ISMS-related training, and related external parties will be required to provide evidence of ISMS training.

Pajuno has established an Information Security Steering Committee (ISSC) with members drawn from across the organization.

Pajuno is committed to aligning its processes, operations, products, and services to the ISO/IEC 27001:2022, NDPA Act 2023, PCICP, and PCI DSS requirements to ensure cyber resilience, integrated security service management, and protection of its information assets.

The ISMS is subject to continuous and systematic review with improvements where necessary. The Information Security Manager owns this document and is responsible for ensuring it is reviewed and approved by the Board annually or after relevant changes/incidents.

A current version of this document is available to all staff via email and Office 365 SharePoint OneDrive. It does not contain confidential information and, when considered not confidential, may be released to relevant external parties.

This policy was agreed and approved by the Board and Executive Management and is issued on a version-controlled basis. Breaches of this policy or any security mechanism may warrant disciplinary actions, up to and including termination of employment/contract.

© 2025 Pajuno Development Company Limited. All rights reserved.
Pajuno Development Company
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.