Introduction

PolymathPlus LLC is committed to protecting the confidentiality, integrity, and availability of our information assets. This Information Security Policy outlines our approach to safeguarding sensitive information and ensuring compliance with relevant legal and regulatory requirements.

Objectives

• To protect the confidentiality, integrity, and availability of information.
• To ensure compliance with legal, regulatory, and contractual requirements.
• To establish a framework for identifying, assessing, and managing information security risks.
• To promote a culture of information security awareness among employees.

Scope

This policy applies to all employees, contractors, and third-party service providers of PolymathPlus LLC. It covers all information assets, including data, systems, and networks managed by PolymathPlus.

Information Security Principles

• Confidentiality: Information will be accessible only to those authorized to have access.
• Integrity: Information will be accurate, complete, and protected from unauthorized modification.
• Availability: Information will be accessible and usable when required.

Responsibilities

• Information Security Manager: Oversees the implementation and maintenance of the Information Security Policy.
• IT Team: Responsible for implementing technical security controls and managing information security risks.
• All Employees: Responsible for adhering to information security policies and procedures and reporting any security incidents.

Access Control

Access to information assets will be based on the principle of least privilege. User access rights will be granted based on job responsibilities and will be reviewed periodically to ensure appropriateness.

Data Protection

Sensitive data will be protected using appropriate encryption methods both in transit and at rest. User passwords will be encrypted and stored securely.

Incident Management

PolymathPlus LLC will maintain an incident response plan to manage and respond to security incidents. All employees are required to report any suspected or actual security incidents immediately to the Information Security Manager.

Training and Awareness

All employees will receive regular training on information security policies and procedures. Awareness programs will be conducted to promote a culture of security within the organization.

Compliance

PolymathPlus LLC will comply with all relevant legal, regulatory, and contractual requirements related to information security. Regular audits and assessments will be conducted to ensure compliance.

Review and Maintenance

This Information Security Policy will be reviewed annually and updated as necessary to reflect changes in our operations, technology, and industry best practices. Any changes to the policy will be communicated to all employees and relevant stakeholders.

Contact Information

For questions or further information regarding this policy, please contact:

PolymathPlus LLC
admin@polymathplus.com

Effective Date: July 12, 2023

Review Date: July 12, 2023

Version: 1.0