Integrated Management Systems Policy

SBM complies with Information Security, Business Continuity, and Information Technology Service Management System standards to ensure the operational continuity of the critical and technological services it provides, taking into account global developments, legal requirements, relevant regulations, and contractual obligations, as well as stakeholder expectations, so that operations can continue uninterrupted or with minimal disruption in the face of extraordinary and unforeseen circumstances. Information Security, Business Continuity, and Information Technology Service Management Systems will collectively be referred to as “Integrated Management Systems” or “Management Systems.”

Within the scope of Management Systems, we commit to:

  • Establishing and coordinating an Integrated Management Systems Team to ensure the operation and continuity of management systems, and ensuring that the relevant roles and responsibilities are fulfilled,
  • Within the framework of information and information assets, complying with the principles of confidentiality, and ensuring the effectiveness and continuity of systems; managing threats and vulnerabilities; mitigating the impacts associated with risks; conducting risk processing activities to reduce identified risks to an acceptable level through risk analysis and assessment; taking actions to capitalize on identified opportunities; and reporting,
  • Allocating the necessary resources for training and software that will enhance employee competence in order to ensure the continuity, reliability, and quality of our services and processes,
  • Ensuring the participation and compliance of all employees and stakeholders in management systems in line with the need for a holistic approach, by raising awareness, providing incentives, and maintaining communication,
  • Meeting the evolving expectations of customers and stakeholders and ensuring their satisfaction by keeping pace with technological advancements,
  • Ensuring compliance with all requirements specified in the contracts for all our clients,
  • Verifying compliance with legal regulations and standards through internal and external audits and ensuring that the system remains compliant at all times,
  • Determining business continuity strategies by taking into account SBM business continuity objectives, business impact analysis and risk assessment results, as well as regulatory and contractual obligations,
  • Ensuring the delivery of critical services, evaluating suppliers who play a role in ensuring service and business continuity, and taking the necessary actions,
  • Developing business continuity plans for critical services, and conducting regular annual drills of these plans to identify areas for improvement,
  • Ensuring the reliability of our operations alongside their quality,
  • Conducting information security and business continuity tests,
  • With the support of senior management, conducting regular reviews to establish measurement criteria for processes and activities and to ensure their continuous improvement,
  • Ensuring that the requirements for management systems are met, reviewed, and that the policy regarding continuous improvement activities is regularly updated.