Kutia’s Integrated Management System (IMS) policy aims to manage processes, planning, implementation, monitoring, and improvement of all relevant activities toward ensuring conformity with ISO 9001 (quality), ISO/IEC 27001 (information security), and legal requirements in power.

Integrated Management System (IMS) inside Kutia, presents the base of implementation and improvement of high-quality standards, complying in accordance with international standards which include a commitment to the areas of quality and information security. Innovation capability, reliability, and dynamic and open corporations are the fundamental values of our company which lay the foundations for outstanding services and the process of requirements for continual improvement.

It is the policy of Kutia that information in all its forms written, spoken, recorded electronically, or printed will be protected from accidental or intentional unauthorized modification, destruction, or disclosure throughout its life cycle.  This protection includes an appropriate level of security over the equipment and software used to process, store, and transmit that information. Moreover, information security risk management is accomplished in accordance with the ISO/IEC 27005:2018 standard.

The aim of Kutia is to measure and verify the commitment to the confidentiality, integrity, and availability of the information, by relying on a business continuity and traceability process, in the field of professional services, ICT Industry, Software Development, and information exchange, whether internally or externally.

The quality of services that Kutia offers is guaranteed by an array of controls and is checked by the competent project management, ISO Lead team, and ISO appointed key personal, who were part of training development processes. Also, the guaranteed quality of services undergoes further audits from the internal audit process and further certification bodies, and annual surveillance audits. The management processes are audited as per ISO 9001, ISO/IEC 27001 and are reviewed periodically by internal audits, to ensure their effectiveness and will be modified according to requirements and adapted accordingly with the standards modifications/change requirements. The Executive Board is regularly noticed of the performance of the management systems.

Scope

A. The scope of information security includes the protection of the confidentiality, integrity, and availability of information. The specific certification scope statement is “Custom Software Development and Design”.

B. The framework for managing information security in this policy applies to all Kutia entities and workers, other Involved Persons, and all Involved Systems.

C. This policy and all standards apply to all protected information and other classes of protected information in any form as defined in the Information classification matrix.

The policy of our organization is to:

  1. Define and meet Customer’s requirements and commit to customer satisfaction;

  1. Ensure that Policies, Manuals and Procedures are clear and concise to reflect what Kutia is committed to performing;

  1. Monitor and analyze performance metrics and make necessary modifications or adjustments as appropriate affecting Customer programs, Customer satisfaction, the Documented Information Management System, and/or any related entities;

  1. Educate all employees about the correlations between their jobs and Customer satisfaction.

  1. Ensure effective External and Internal communication;

  1. Foster a team approach to problem-solving and preventive action by empowering all employees to be quality ambassadors;

  1. Recognize essential equal opportunities to all persons without discrimination, including recruitment and promotion, giving guidance and encouragement to employees at all levels to act fairly;

  1. Implement and monitor the organization’s Integrated Management System into the Company’s culture and daily practices as a long-term commitment to quality, continuous improvement, and customer satisfaction;

  1. Meet and/or exceed Customer’s expectations through continuous improvement;

  1. The organization’s top management will meet regularly with the IMS Team representative to review and ensure the effectiveness of the Integrated Management System;

  1. Adoption of good information security and data protection practices toward protecting of Confidentiality, Integrity, and Availability of all information processed;

  1. Compliance with applicable local and international legal, and other requirements, continually improve IMS performance accordingly;

  1. Constantly improve information security & continuity plan, aiming to enhance IMS effectiveness and Information Continuity requirements. 

Top management ensures that Kutia IMS policy:

  • Is appropriate to the purpose of the organization;
  • Includes a commitment to comply with requirements and to continually improve the effectiveness of the integrated management system and modify it according to the regulations and compliance with standards;
  • Provides a framework for establishing and reviewing IMS objectives;
  • Is communicated regularly within management and understood within the organization, and
  • Is reviewed for continuing suitability.

The ISO Team is responsible for ensuring the IMS policy is reviewed during the Management Review process.