IT Policies

This Policy establishes AWR Group users commitment to its Information Security Management System and the requirements of the ISO 27001:2022 International Standard.

Our vision is for security to be a natural and integral part of the culture of AWR Group IT. We aspire to achieve this through effective leadership and developing appropriate behaviours. This means proactively working with colleagues, clients and our supply chain to ensure that concepts of information security are fully integrated into our decision making processes.

The purpose of this policy is to define the acceptable usage of information assets which may include internet, intranet, e-mails, systems, storage media, operating systems and application software and business information at AWR Group.

This is a universal policy that applies to all Users and all Systems. For some Users and/or some Systems a more specific policy exists: in such cases the more specific policy has precedence in areas where they conflict, but otherwise both policies apply on all other points.

This policy covers only internal use of AWR Group’s systems, and does not cover use of our products or services by customers or other third parties.

The purpose of this policy is to define the acceptable usage of Aritificial Intelligence(AI) Websites.

This policy covers all employees of AWR Group, including permanent and temporary staff.

The purpose of this policy is to ensure successful prevention, detection and removal of virus and malware, to protect the confidentiality, integrity and availability of AWR Group IT assets.

This policy applies to all internally connected servers, PCs, laptops, and external vendor using their systems to access the AWR Group network.

The objective of this policy is to ensure that all information assets used in AWR Group work areas is secured from the risk of unauthorized access, loss or damage during /outside business hours or when areas are unattended.

This policy applies to all employees, contractors, trainees and third party personnel (consultants, temporary employees, business partners, trading partners, and other users) who use information assets provided by AWR Group.

The purpose of this policy is to define guidelines and controls to minimize the risks of misuse associated with AWR Group corporate email services.

This policy applies to all AWR Group employees, contractors, guests, trainees and third party personnel (consultants, temporary employees, business partners, trading partners, and other users) that use AWR Group corporate email services.

The objective of this policy is to establish guidelines and principles for the appropriate usage of internet/intranet services provided by AWR Group in order to protect AWR and its employees from new and emerging risks in accordance with the best practices.

This policy applies to all regular employees, contractors, consultants, vendors and non-employee third parties who are granted access within the AWR Group network.

The objective of this policy is to the minimize risks associated with the use of mobile computing devices, and define controls against the threats of unauthorized access, theft of information, and malicious disruption of services.

This policy covers for all mobile devices used to access AWR Group IT information systems.

The purpose of this policy is to establish a standard for creation of strong passwords, protection of the passwords and frequency of changing passwords.

AWR Group Companies requires all users who access its information systems to have a single user ID and a private password. User IDs must be used in order to restrict system access privileges according to the functions, responsibilities and activities of each user. All users are responsible for protecting their user IDs and passwords.

The scope of this policy includes all users of AWR Group information assets including employees, contractors, vendors, consultants -who has an account (or any form of access that supports or requires a password) on any system that resides at AWR Group facilities.

The purpose of this policy is to minimize the risk of loss or exposure of sensitive information maintained by AWR Group Computers, servers and to reduce the risk of acquiring malware infections on computers operated by AWR users.

This policy covers all computers and servers operating in AWR Group.

The purpose of the policy is set out the terms of use for remote access working.

This policy covers all employees of AWR Group, including permanent and temporary staff.

This Policy establishes AWR GIT commitment to support AWR Group Business by following an integrated process approach for delivery of IT Services. This shall be done by implementing, operating, monitoring, reviewing, maintaining and improving the Service Management System