Skip to main content

Information Security Policy of LDC LEGENDSLAB DIGITAL CREATION LTD

The Information Security Policy of LDC LEGENDSLAB DIGITAL CREATION LTD is designed to effectively support the company’s mission.

1.1. Responsibilities

Management is the highest authority within LDC LEGENDSLAB DIGITAL CREATION LTD regarding Information Security and is responsible for encouraging staff participation in preventive detection and in taking actions aimed at continuous improvement. Although all members of the organization must take this policy into account, it is the management team that must ensure that information security is properly managed.

1.2. Objectives

The main objective of information security is to ensure business continuity by minimizing risks through the prevention of incidents and reducing their impact when they cannot be avoided. This includes preserving the confidentiality, integrity, and availability of the company’s information.

In order to provide quality services while maintaining information under the principles of Confidentiality, Availability, Integrity, and traceability, Management has decided to implement an Information Security Management System (ISMS) based on the guidelines of ISO 27001:2013, with the following purposes:

  • To ensure customer satisfaction through continuous improvement and the commitment of all employees, protecting information through strict security controls.

  • To assess and improve company processes in order to prevent quality failures and minimize risks.

  • To comply with the technical, regulatory, and legal requirements applicable to services and products.

  • To provide the framework for establishing objectives that support the continuous improvement of the ISMS.

  • To contribute to the fulfillment of the company’s mission, objectives, and strategies.

  • To protect and ensure the security of people, processes, information, and systems.

  • To maintain an environment free from disruptive noise for the proper development of activities.

  • To extend the security commitment to third parties, who must respect the measures adopted.

  • To update security rules, guidelines, and procedures in line with new requirements, evaluating the performance and effectiveness of the management system.

  • To promote a resilient corporate culture by raising awareness and training staff to prevent incidents and detect their possible existence.

  • To comply with legal and regulatory obligations relating to information security.

  • To integrate risk management into decision-making, minimizing risks as far as reasonably possible.

1.3. ISMS updates

This policy will be reviewed periodically by Management in order to meet the organization’s objectives. An additional review will be required if:

  • Major security incidents occur.

  • A system audit is unsuccessful.

  • Changes take place in the organization’s structure.

1.4. Interested parties

This policy is established, maintained, and distributed among the partners, employees, suppliers, and clients of LDC LEGENDSLAB DIGITAL CREATION LTD. It is available on the company website and on the company’s private intranet.

Signed,

Management