Integrated Management System (IMS) Policy

Policy Statement & Strategic Commitment

Cecure Intelligence Limited (CIL) provides innovative, secure IT solutions and managed services. Our strategic direction is driven by an unequivocal commitment to achieving excellence and inspiring confidence in everything we do. We are dedicated to delivering superior quality, ensuring the robust security of information, providing exceptional IT service management, and upholding our responsibility to protect the environment.

To achieve this, Top Management is fully committed to establishing, implementing, maintaining, and continually improving a unified Integrated Management System (IMS). Our IMS is designed to integrate and comply with the requirements of the following internationally recognised standards:

• ISO 9001:2015 (Quality Management System)
• ISO/IEC 27001:2022 (Information Security Management System)
• ISO/IEC 20000-1:2018 (IT Service Management System)
• ISO 14001:2015 (Environmental Management System)

This policy establishes our core principles, sets a framework for our strategic objectives, and affirms our commitment to satisfying all applicable requirements.

Core Principles & Commitments

Our IMS is founded on the following core commitments, which guide our processes, decisions, and actions:

Quality Management (ISO 9001)

We are devoted to understanding, meeting, and exceeding our clients' expectations. We commit to:

• Client Focus: Placing our clients at the centre of our operations to ensure their needs and requirements are the primary drivers of our services.
• Process Excellence: Adopting a process approach to manage our activities and resources, ensuring consistency, efficiency, and the delivery of high-quality solutions on time.
• Evidence-Based Decisions: Making decisions based on analysing and evaluating data and information to drive desired outcomes.
• Relationship Management: Fostering mutually beneficial relationships with interested parties, including clients, partners, and suppliers.

Information Security Management (ISO/IEC 27001)

We are committed to preserving the confidentiality, integrity, and availability (CIA) of all our information assets to protect our organisation, clients, and partners. We commit to:

• Risk-Based Approach: Implementing and maintaining a systematic process for information security risk assessment and risk treatment to proactively identify and mitigate threats.
• Security by Design: Integrating security into every service lifecycle stage, from design and development to delivery and support.
• Compliance: Fulfilling all applicable legal, statutory, regulatory, and contractual requirements related to information security.
• Control Framework: Maintaining a comprehensive set of information security controls, as documented in our Statement of Applicability, to address identified risks.

IT Service Management (ISO/IEC 20000-1)

We are dedicated to delivering reliable, effective, and value-driven IT services that align with our clients' business needs. We commit to:

• Service Lifecycle Management: Planning, designing, building, transitioning, delivering, and improving services in a structured and controlled manner.
• Meeting Service Requirements: Ensuring that all services are delivered in accordance with agreed-upon Service Level Agreements (SLAs) and other service requirements.
• Service Continuity: Implementing and maintaining plans and capabilities to ensure that essential IT services can be recovered and resumed within agreed timeframes following a disruption.
• Value Creation: Focusing on delivering value to our clients through the effective and efficient management of IT services.

Environmental Management (ISO 14001)

We recognise our environmental responsibility and are committed to sustainable business practices. We commit to:

• Protection of the Environment: Preventing pollution and minimising our environmental footprint through efficient resource use and responsible waste management.
• Fulfilling Compliance Obligations: Complying with all applicable environmental laws, regulations, and other requirements to which the organisation subscribes.
• Lifecycle Perspective: Considering the environmental impacts associated with our services throughout their lifecycle.
• Sustainable Practices: Promoting environmental awareness among our employees and encouraging sustainable practices, such as maintaining our paperless operations.

Framework for Objectives

Top Management shall establish strategic objectives for all relevant functions and levels within CIL. This policy provides the framework for setting and reviewing these objectives, which are designed to be SMART (Specific, Measurable, Achievable, Relevant, and Time-bound). Our high-level objectives are documented in the IMS Objectives Register and are reviewed during management review meetings to ensure they remain aligned with this policy and our strategic direction.

Continual Improvement

Cecure Intelligence Limited is committed to continually improving the suitability, adequacy, and effectiveness of our Integrated Management System. We adopt the Plan-Do-Check-Act (PDCA) methodology to systematically identify and address opportunities for improvement across all aspects of our business, thereby enhancing our performance and stakeholder satisfaction.

Roles, Responsibilities, and Communication

Top Management is responsible for demonstrating leadership and commitment to the IMS and ensuring this policy is communicated, understood, and applied throughout the organisation.

Every employee and contractor is responsible for upholding the principles of this policy in their daily work.

This policy shall be communicated to all persons working for or on behalf of CIL and made available to relevant interested parties, as appropriate.

Review and Authorisation

This Integrated Management System Policy is reviewed at least annually during formal management review meetings to ensure its ongoing suitability and alignment with Cecure Intelligence Limited's strategic context.