GIGL is committed to maintaining and improving quality and information security processes by adopting an integrated management system. This provides a framework for integration of the ISO 9001:2015 and ISO/IEC 27001:2022. The company defines our core values for the Integrated Management System as follows:
• To give satisfaction to all our customers, other stakeholders and interested parties, whenever possible, meeting and exceeding their expectations.
• To ensure compliance with GIGL's Customer, Contractual, Regulatory, codes of practice, Legal requirements, and all other requirements applicable to our activities, and reduce information security-related regulatory sanctions/penalties.
• To optimise our business processes to always strive for a zero-defect and no-waste attitude.
• To ensure that all employees are made aware of the needs and their responsibilities in respect of the quality and Information Security.
• To reduce the number of quality and information security high-priority risks on GIGL's risk register.
• To reduce or avoid information security breaches and related loss.
• To ensure Information collected, held, and used by the organisation is appropriately protected and available in line with business requirements.
• To improve information security culture and consciousness in the organisation.
• To provide training in information security for key resources.
• To ensure that the Confidentiality, Integrity and Availability of information is maintained throughout business functions and processes.
• To ensure information is only accessible to authorised persons from within or outside the company and minimise damage by preventing and reducing the impact of security incidents.
Management shall be committed to continual improvement of the Quality Management Systems and the Information Security Management System. The Integrated Management System policy, objectives and targets will be reviewed annually (or sooner if necessary) by Top Management. This policy statement is communicated to all employees and persons working for or on behalf of the company and will be made available to the public, stakeholders and any other interested parties on request.