Information Security Management System (ISMS)

At DPSAr, information security is a critical business priority that supports the protection of our data, systems, and operations across the power generation, energy, oil, gas, and process industries.

DPSAr is committed to safeguarding all information assets- whether digital, physical, or intellectual - by ensuring their confidentiality, integrity, and availability, through the effective implementation and continual improvement of an Information Security Management System (ISMS) in accordance with ISO 27001:2022.

Our ISMS is aligned with the strategic direction of the organization and is designed to protect business operations, enhance customer trust, ensure regulatory compliance, and strengthen resilience against cyber threats and data breaches.

Through strong leadership, risk-based thinking, and secure technologies, DPSAr ensures that information security is embedded into all business processes, projects, and operational activities.

DPSAr is committed to:​

• Protecting information assets from unauthorized access, loss, misuse, or disclosure
• Ensuring the confidentiality, integrity, and availability of information at all times
• Identifying, assessing, and managing information security risks through a structured risk management approach
• Implementing robust cybersecurity controls to prevent, detect, and respond to cyber threats
• Ensuring compliance with applicable legal, regulatory, contractual, and data protection requirements
• Securing IT infrastructure, networks, systems, and applications against vulnerabilities and attacks
• Managing access control, data classification, encryption, and secure communication practices
• Continuously monitoring, auditing, and improving the effectiveness of the ISMS

Information security at DPSAr is a continuous process. We regularly evaluate risks, update controls, and enhance our security posture to address emerging threats, technological changes, and business needs.

This Information Security Policy is communicated across DPSAr, implemented in all operations, and reviewed periodically to ensure its ongoing suitability, adequacy, and effectiveness.