Security & Confidentiality Policy
security
All corporate assets, client information & his Property, personally identifiable information that refers to the customers or our employee must be adequately protected. Personnel security is a necessary building block for safeguarding assets.
This policy defines requirements for protection of YMCO Cont. Co. corporate assets and theirs client Property from intentional abuse, misuse, or destruction by employees, contractors, or consultants.
YMCO Cont. Co. Acknowledges its responsibility in respect of the security and confidentiality of client information & his Property and confidentiality of personally identifiable information that refers to the client or our employee. The company will comply with the associated legislation to ensure the security and confidentiality of the work.

Scope
This policy applies to all employees, contractors, sites, and consultants who handle YMCO Cont. Co. Assets including sensitive information or sensitive information entrusted to YMCO Cont. Co.
SECURITY AND CONFIDENTIALITY POLICY

1.0 Policy Statement
Asset & information protection is addressed at the recruitment stage, included in the employee handbook and contracts, and monitored during an individual’s employment. To ensure compliance with policy objectives, these statements must be followed:
1.1 Requirement to Protect Corporate & Client Asset & Information
1.1.1 All employees, contractors, and consultants must protect both tangible and intangible corporate & client Asset & information.
1.1.2 All employees, contractors, and consultants are responsible for reporting to the appropriate manager any real or suspected threats to corporate & client Asset & information.
1.2 Information Security Responsibilities
Include information security responsibilities in company rules and worker’s contracts.
1.2.1 Information security responsibilities to be followed by all
Employees must be incorporated into YMES Cont. Est. Employee Handbook.
1.2.2 All employees must acknowledge in writing (electronic acknowledgement is acceptable) that they have read and understood YMES Cont. Est. Employee Handbook.
1.2.3 Specific information security responsibilities must be incorporated into all contracts with contractors (including consultants or any non-employee who performs work-for-hire) who have access to restricted customer area or otherwise sensitive information.
1.3 Information Security Training
Ensure all employees, contractors, and consultants are aware of information security Policies and processes.
1.3.1 All employees, contractors, and consultants must be trained in the security requirements and processes associated with their jobs, appropriate business controls, and the correct use of all corporate assets, client information & his Property and facilities.
1.3.2 All employees, contractors, and consultants must acknowledge in writing (electronic acknowledgement is acceptable) that they have read and understood YMES Cont. Est. Information Security Policy.
1.3.3 All employees, contractors, and consultants must receive from YMCO Cont. Co. Information Security Policy at least once per year.
1.4 Background Checks
Secure all potential employees and contractors to minimize the risk of attacks from internal sources.
1.4.1 All employees, contractors, and consultants must pass a background check that includes examination of
criminal conviction records, credit bureau records, and verification of previous employment
1.5 Bonding
Insure the organization against acts of disloyalty such as fraud, embezzlement, and industrial espionage.
1.6 Conflict Of Interest
Require employees to identify any conflicts of interest to minimize acts that may harm the organization’s assets or reputation.
1.6.1 All employees must be trained to recognize conflicts of interest and the appearance of conflicts of interest during their first week of employment and at least once per year thereafter.
1.6.2 All employees must identify in writing any conflicts of interest and the appearance of conflicts of interest during their first week of employment and at least once per year thereafter.
1.6.3 All conflict of interest statements must be reviewed by the Security & safety Compliance Officer and subsequently filed in the Employee’s HR Files.
1.6.4 If the Security & safety Compliance Officer identifies any significant conflicts of interest, the conflict(s) must be discussed with the employee’s supervisor or other management to determine the appropriate course of action.
1.7 Non-Disclosure Arguments
Prevent the disclosure of sensitive information to anybody who has not signed a non- disclosure agreement.
1.7.1 All employees, contractors, and consultants must personally sign an YMCO Cont. Co. non-disclosure agreement. The provision of a signature must take place before work begins, or if a worker has been working without a non-disclosure agreement, a signature must be provided as a condition of continued employment.
1.8 Security Incidents
Ensure security incidents and policy violations are covered appropriately.
1.8.1 The Chief Security Officer will implement a system for security incident reporting, response, tracking, and resolution.
1.8.2 All employees and contractors are responsible for reporting to the Appropriate manager any violations of policy or other directives promptly

2.0 Responsibilities
2.1 Human Resources is responsible for ensuring background checks and employee bonding are conducted.
2.2 Corporate Security & Safety are responsible for implementing the educational requirements of this policy.

3.0 Compliance
3.1 Security & safety Compliance Officer and senior management are required to ensure that internal audit mechanisms exist to monitor and measure compliance with this policy.
3.2Company managers have the responsibility to enforce compliance with this policy.
3.3 Failure to comply with this policy may result in disciplinary action, which may include termination of employment.