ISMS POLICY STATEMENT

Lamah Technologies LCC is a Libyan company established in accordance with the provisions of law 23 of the year 2010 regarding commercial activity and it was registered in the year of 2018, under an establishing contract of twenty-five years, its main headquarter is located in the city of Misrata under business license number (8059).

Lamah Technologies is committed to protecting the security of its business information and all related services in the face of incidents and unwanted events and has implemented an information security management system ISMS that is compliant with ISO/IEC 27001:2013, the international standard for information security.

The management of LAMAH is committed to ensure that:

  • Comply with all legal requirements, codes of practice, and all other requirements applicable to our activities; therefore, as a company, we are committed to satisfying applicable requirements related to information security and the continual improvement of the ISMS;
  • The confidentiality of information is protected and prevent disclosure of valuable or sensitive information;
  • The integrity of information is maintained to ensure its accuracy and completeness;
  • The availability of information is maintained to meet business needs and client’s requirements;
  • Maintain a management system that will achieve these objectives and seek continual

improvement in the effectiveness and performance of our management system based on “risk”;

  • Information security awareness is provided to all LAMAH employees;
  • Risks are mitigated to an acceptable level through a risk management framework;
  • The information security management system is continually improved;
  • Business continuity plans are developed, maintained and tested;
  • Incident management process is established and implemented to ensure that all breaches of

information security, actual or suspected are reported and investigated.

To ensure the company maintains its awareness for continuous improvement, the business management system is regularly reviewed by “Top Management” to ensure it remains appropriate and suitable for our business. The Integrated Management System is subject to both internal and external annual audits.

This Policy is applied to the entire Information Security Management System (ISMS), as defined in the ISMS Scope Document .

Tah­a Elraaid

CEO