ISMS Policy Statement

ISO 27001:2022 Certified

Certified by DNV — Certificate of Conformity

Policy Statement

CodeMax IT Solutions Pvt Ltd is committed to protecting the confidentiality, integrity, and availability of all information assets entrusted to us by our clients, partners, and stakeholders. Our Information Security Management System (ISMS) has been designed and implemented in accordance with ISO 27001:2022 standards.

Our Commitments

We are committed to:

• Protecting information assets against unauthorized access, disclosure, modification, destruction, or interference
• Ensuring business continuity and minimizing the impact of security incidents
• Complying with all applicable legal, regulatory, and contractual requirements related to information security
• Continuously improving the effectiveness of the ISMS through regular reviews, audits, and assessments
• Providing adequate training and awareness programs for all employees regarding information security responsibilities
• Establishing, reviewing, and achieving measurable information security objectives

Scope

The ISMS applies to all information assets, business processes, systems, and personnel involved in the design, development, delivery, and support of our fintech products and services, including but not limited to:

• Banking platform development and maintenance
• Payment gateway operations
• SIEM and cybersecurity services
• Transaction monitoring systems
• Internal IT infrastructure and support systems

Risk Management

We adopt a systematic approach to identifying, assessing, and managing information security risks. Our risk management framework ensures that appropriate controls are implemented to mitigate identified risks to acceptable levels, and that residual risks are monitored and reviewed regularly.

Continuous Improvement

The ISMS is subject to regular internal audits, management reviews, and external surveillance audits by DNV. We continuously monitor, review, and improve our security posture to address evolving threats, vulnerabilities, and business requirements.

Responsibility

Information security is the responsibility of all employees, contractors, and third parties who access CodeMax information assets. Management is committed to providing the necessary resources, training, and support to maintain and improve the ISMS.