Information Security Policy Statement

SAAED for Traffic Systems (hereinafter referred to as “SAAED”) recognizes that information is a vital asset that must be protected to support the organization mission, achieve strategic objectives, ensure business sustainability, and maintain compliance with regulatory requirements. Accordingly, SAAED acknowledges that information security is an ongoing commitment, requiring proactive measures to safeguard against evolving threats.

To fulfil this commitment, SAAED’s management is fully committed to:

1. Protect the Confidentiality, Integrity, and Availability of its information and information systems
2. Implement a robust Information Security Management System (ISMS) aligned with ISO/IEC 27001:2022.
3. Ensure compliance with all applicable:
   a. Legal and regulatory requirements.
   b. Contractual obligations in terms of information security.
   c. Internal policies and procedures related to information security
4. Identify, assess, and manage information security risks using a structured risk management framework.
5. Develop enforceable information security policies, standards and procedures, using a risk-based approach for addressing all applicable controls.
6. Define measurable objectives and conduct regular monitoring and analysis to assess performance.
7. Enforce the accountability by clearly defining and assigning roles and responsibilities for managing information security.
8. Allocate adequate resources for the effective operation of the ISMS
9. Promoting a culture of security awareness through training and communication.
10. Improve the ISMS continuously through regular reviews, audits, and corrective actions.
11. Review information security policies, standards, and related documents at least annually or upon significant changes to ensure relevance and effectiveness.