Information Security Policy and Business Continuity

Information Security Policy Statement

The Company is committed to consistently exercising due care and due diligence in safeguarding Information and Information Systems from unauthorised access, use, disclosure, destruction, modification, disruption, or distribution. This commitment is vital for maintaining our reputation with clients through the principles of confidentiality, integrity, and availability.

Management is dedicated to considering all legal, regulatory, contractual, and business requirements, ensuring comprehensive security measures are implemented, managed, and maintained across all entities within the Stickee Technology Group. Although Stickee Technology Ltd is the sole ISO 27,001 certified organisation within the Stickee Technology Group, all affiliated entities adhere to the ISO 27,001 standard, ensuring alignment with Information Security, Cyber Security and Data Protection/Privacy best practices.

Continuous risk assessments against established criteria are an ongoing priority. The Management Team is responsible for establishing and maintaining the Information Security Management System (ISMS), ensuring its integrity through personnel instruction and training. Each employee holds a responsibility to comprehend and uphold the required standards, emphasising personal responsibility for maintaining integrity.

Additionally, Management ensures that any subcontractor engaged for a specific function will meet the same specified requirements and accepts accountability for their actions. The organisation upholds a Policy of Continuous Improvement and Objective setting in line with the best practice requirements established by the ISO 27,001 Standard.

Regular monitoring of the Information Security Management System (ISMS) falls under Top Management’s ultimate responsibility, with status and effectiveness regularly reported at all levels. This approach ensures a proactive stance in addressing security challenges and maintaining a robust security posture.

Business Continuity Policy Statement

The Management Team accepts and retains responsibility for establishing, maintaining and implementing a Business Continuity Management System (BCMS) for controlling those particular activities for which it is responsible. We commit to ensuring, through instruction, practical examples, and training, that the quality and delivery of a sustainable service are the primary goals for all members of the company.

It is essential that each employee and interested party comprehends the significance and direct relevance of the Business Continuity Management System to the ongoing success, viability, and reputation of the company.

Specifically, the Management Team, aligned with its commitment to international standards, will ensure all entities within the Stickee Technology Group comply with applicable legal, regulatory, contractual, and business requirements, in addition to broader industry protocols.

Whilst only Stickee Technology Ltd holds ISO 22,301 certification, all entities within the Stickee Technology Group adhere to the requirements of the ISO 22,301 standard. To ensure ongoing adherence for all group entities, The Management Team has documented all interested parties and allocates appropriate resources for planning, implementing, maintaining, and reviewing the Business Continuity Management System.

This comprehensive approach involves conducting thorough business impact and risk assessments, developing a plan, and establishing incident response procedures capable of effectively addressing and recovering from any disruptive incident. Communication of these procedures occurs internally to all staff and externally to relevant interested parties. Periodic testing, review, and maintenance of incident procedures are integral components of our steadfast commitment to business continuity.

Each employee is assigned designated responsibilities and receives applicable training to fulfil duties required for their specific roles within incident procedures and response. The company ensures that any subcontractors employed for a particular function are aware of the incident response and recovery procedures.

The company has a policy of continual improvement and has established objectives in line with the framework laid down by the ISO 22,301 standard.

We hereby certify that this Business Continuity Policy, along with company standard operating procedures, accurately describes the Business Continuity Management System in use within the company and aligns to the requirements of the ISO 22,301 standard.

Supporting this ongoing alignment to the ISO 22,301 standard, the Business Continuity Management System will be formally monitored, reviewed, and tested, in line with a suite of objective performance measures approved by the senior management team.