Information Security Service Policy - Aquarius Soft

Our mission is to

  • Protect our information and business processes.

  • To enable and enhance the information security features of our software solutions provided to our customers.

Our policy highlights the following:

  • The company aims to continuously improve its information security controls to reduce the information security risks to acceptable level, by utilizing common risk assessment methodologies, and by applying PDCA model.

Information Security Framework

  • A regular cycle will be used for the setting of objectives for information security, to be done yearly between January to December. This will ensure that adequate funding is obtained for the improvement activities identified. These objectives will be based upon a clear understanding of the business requirements, informed by the management review process during which the views of relevant interested parties may be obtained.

  • In accordance with ISO/IEC 27001 the reference controls detailed in Annex A of the standard will be adopted where appropriate by Aquarius Soft. These will be reviewed on a regular basis in the light of the outcome from risk assessments and in line with information security risk treatment plans.

  • Every employee at Aquarius soft has a responsibility for proper handling and protection of Aquarius confidential information as set out in the Policy Statements. These policies apply to the entire organization. Each policy is supported by Requirements that describe what must be done to be in compliance.

We are committed to continual improvement of our Information security management system:

  • Review Information security metrics regularly to assess the effectiveness of information security based on collected data

  • Enhance information security processes to align with world best practices in cybersecurity.




Robin Choo

Chief Executive Officer
October 10, 2021