It is policy of AXA to create, maintain and continually improve the Information Security Management System and to adhere to ISMS practices in compliance with best practices required for Software development and information security needs of the customer.

AXA works within the framework of the Local Government, while fulfilling the contractual obligation of the client. This is to ensure protection of its information assets from all threats – internal or external, deliberate or accidental and natural disasters.

Furthermore, to achieve this objective AXA will ensure the following:

• All applicable legal and contractual requirements are fulfilled.
• Business requirements for availability of information and systems are met.
• Continuously monitor and improve the effectiveness of ISMS in AXA.
• Confidentiality and integrity of information is maintained throughout a systematic process.
• Business continuity plans (DR site) are established, maintained, and tested.
• Risks to all corporate assets (tangible/intangible and human) are assessed and against all risks appropriate controls are implemented, mitigation and contingency plans are defined.
• All corporate assets (tangible / intangible, and people) have a secure and safe environment.
• Conducive work environment has been provided to human resource, free from accidental and occupational hazards.
• All personnel are trained in information security practices, roles and responsibilities.