Traydstream Logo
Information Security

Information Security Policy Statement

Traydstream is committed to implementing a robust Information Security Management System that protects all information assets and fulfils our security obligations to customers, employees, and regulatory bodies.

LAST UPDATED2025
VERSIONCurrent
1

Policy Statement

We at Traydstream recognize that Information Security is the responsibility of each and every one of us in the organization. We are committed to creating a secure ecosystem that will enable us to protect customers' and our information, data, intellectual properties, assets and fulfill our security obligations by implementing the 'Information Security Management System'.

This Information Security Policy Statement reflects Traydstream's top-down commitment to maintaining the highest standards of information security across all operations and personnel.

2

Confidentiality, Integrity & Availability

Traydstream is committed to maintaining:

  1. Confidentiality, Integrity, and Availability of information within the organization
  2. Fulfilling Regulatory, Legal and Statutory compliance requirements, Intellectual property rights, Data protection and privacy obligations
3

Personnel Responsibilities

  1. Ensuring all personnel are trained in information security and their roles and responsibilities towards information security management
  2. Ensuring the organization and its personnel are committed to protection of the organization's information assets from all threats, whether internal or external, deliberate or accidental in nature
4

Business Continuity

Ensuring Business Continuity plans (BCP) are established, maintained, and tested to mitigate the organization's continuity and resilience. Processes are designed to support continuation of business operations with minimal disruptions.

BCP testing is conducted regularly to ensure that all critical business processes can be resumed within the required timeframes following a disruption event.

5

Risk Management

Recognizing, assessing, and managing information security risks proactively by implementing a structured risk management process. This includes:

  1. Identifying potential threats and vulnerabilities
  2. Evaluating their impact on business objectives
  3. Applying appropriate controls to mitigate risks
  4. Conducting regular risk assessments integrated into decision-making processes
  5. Ensuring informed, risk-based actions across the organization
6

Continual Improvement of ISMS

Ensuring the continual improvement of the effectiveness of the Information Security Management System (ISMS) by:

  1. Evaluating performance against security objectives and metrics
  2. Addressing audit findings and identified risks promptly
  3. Incorporating feedback from stakeholders and interested parties
  4. Tracking actions to ensure the ISMS adapts to evolving threats
  5. Supporting organizational goals through aligned security practices

Actions will be tracked to ensure the ISMS adapts to evolving threats and supports organizational goals. All improvement initiatives are formally documented and reviewed by senior management.

7

Scope & Applicability

This Information Security Policy Statement applies to:

  1. All employees, contractors, consultants, and third-party personnel who have access to Traydstream's information systems and assets
  2. All information assets owned or managed by Traydstream, including digital and physical assets
  3. All Traydstream offices, remote work environments, and cloud-based systems
  4. All third-party service providers and supply chain partners who process or store Traydstream data

Non-compliance with this policy may result in disciplinary action, up to and including termination of employment or contract, and may result in legal proceedings where applicable.

8

Policy Review & Document Control

This Policy will be formally reviewed on an annual basis or whenever significant changes occur to the threat landscape, regulatory environment, or business operations. The review will consider:

  1. Changes in business activities which could affect the operation of the ISMS
  2. Changes in the way Traydstream manages or operates its information assets
  3. Identified shortcomings in the effectiveness of this Policy
  4. Results of reported information security incidents, formal reviews, or audit finding

This policy is approved and endorsed by Traydstream's Senior Leadership Team. All personnel are expected to read, understand, and comply with this policy.