Information Security Policy Statement

At Software Foundry, we recognize the critical importance of protecting information assets against threats such as unauthorized access, data breaches, and operational disruptions. Our Information Security Management System (ISMS) is designed to protect the confidentiality, integrity, and availability of information in compliance with NEN-EN-ISO 27001:2022.

Commitment to Information Security

The management team is committed to:

• ensuring the security of sensitive information, including client data, intellectual property, and internal records.
• Complying with all applicable legal, regulatory, and contractual requirements related to information security.
• Continuously identifying, assessing, and mitigating risks that could impact our information security posture.
• Providing employees and stakeholders with security awareness training to foster a culture of security.
• Implementing and maintaining security controls to protect against cyber threats and data breaches.

Objectives of the ISMS

To achieve our commitment to information security, Software Foundry has set the following objectives:

• Protecting all information assets from unauthorized access, modification, destruction, or disclosure.
• Ensuring business continuity by establishing incident management and disaster recovery plans.
• Regularly reviewing and updating security policies to reflect emerging threats and business needs.
• Conducting periodic risk assessments and internal audits to ensure ongoing compliance with ISO 27001.
• Promoting a security-first mindset among all employees and any third-party contractors.

Continuous Improvement

Software Foundry is dedicated to the continuous improvement of its ISMS by:

• Monitoring security performance through Key Performance Indicators (KPIs).
• Regularly conducting penetration testing and security assessments.
• Encouraging a proactive approach to threat detection and incident response.
• Ensuring a structured review process with top management involvement.
• All employees, including third-party contractors, are responsible for adhering to this policy and actively contributing to a secure working environment.

This policy is reviewed annually and updated as necessary to align with our evolving business requirements and the cybersecurity landscape.

Statement of Applicability

As part of our ISO 27001:2022 Information Security Management System, we have established and maintain a Statement of Applicability (SoA). This document identifies the information security controls from Annex A of ISO 27001 that are relevant to our organisation, and records whether they are implemented or not, together with the justification.

The SoA ensures that all necessary controls are in place to protect the confidentiality, integrity and availability of information processed within ShipLogic and Ship Assist. The full SoA is an internal document; however, customers and partners may request further information on specific controls relevant to their engagement with us.

Contact Details

Software Foundry B.V.
f.a.o. ShipLogic
Albert Plesmanweg 43-K
3088 GB Rotterdam
The Netherlands
E-mail: support@shiplogic.nl
Registered under Chamber of Commerce number: 5038426