Information security policy statement
Last updated:
Dec 22, 2025
Information security policy statement
Mitra Innovation Private Limited (hereafter referred to as “Mitra”) is committed to implementing and operating appropriate information security management systems, policies, processes and controls to maintain the confidentiality, integrity and availability of its, and its customers’, information and information processing facilities. The primary objective is to ensure that Mitra Innovation fulfils all of its information security obligations to customers and other interested parties. This covers all information assets and not solely limited to digital media (i.e. electronic data and paper records), that Mitra maintains. It also addresses the people that use them, the processes they follow and the physical aspects e.g. accommodation, computer equipment and networks used to access them.
The overall objective of the Information Security policy is to ensure protection of its information systems against damage or destruction and unauthorised disclosure or changes, whether accidental or deliberate.
The key points in the policies are the commitments to satisfy applicable requirements, to set, maintain and achieve objectives and to continually improve the integrated management system.
The information security management system provides the framework for identifying opportunities and controlling risks to information security through setting objectives, the implementation of operational controls and continuous improvement, thus maximising our potential to fulfil all information security obligations to customers and other external parties, such as suppliers and business partners. It provides all interested parties and customers with the confidence that their information and information processing facilities shall be kept appropriately secure whilst under the control of Mitra Innovation. We recognise that our business relationships require ongoing commitment to achieving business excellence at every level of Mitra Innovation and its supply chains. Information Security Scope includes
Personnel information relating to employees;
All customer information held by the Mitra, business sensitive, proprietary and any other confidential information belonging to or about Mitra;
All supplier, contractor, and other third party information, held by the Mitra;
All software assets, such as application software, system software, development tools and utilities, databases and data files, system documentation, user documentation, training materials, which are owned, managed and maintained by the Mitra,
All physical assets, such as computer equipment, communications equipment, media, hard-copy files and papers, and equipment relating to facilities;
All services and utilities, such as power, environmental controls, surveillance ;
People, who are the risk owners, custodians, or users of the above assets.
This policy applies to all employees in all departments of Mitra, no exceptions.
Out of scope are all systems and processes owned, managed and maintained by Mitra’s customers
ISO/IEC 27001:2022
An Integrated Management System (IMS) is implemented and operated by Mitra. It defines the Quality and Information Security Policies and references the Quality and Information Security Processes of the company.
This integrated management system is used as the basis for ISO/IEC 27001:2013, ISO 9001:2015 compliance and compliance to standard regulations.