§ 01
Governance
- Information-security programme aligned with ISO/IEC 27001:2022 and mapped to SOC 2 Trust Services Criteria.
- Quarterly information-security committee chaired by the Managing Director.
- Documented Statement of Applicability covering Annex A controls.
- Named DPO, Head of IT Security, and Incident Response Manager.