The confidentiality, integrity, and availability of information, in all its forms, are of critical importance to the continuous operation and governance of the Group. The lack of adequate information security increases the risk of financial losses and reputational damage, from which recovery may be difficult.
The implementation and maintenance of the Group’s Information Security Policy is a primary responsibility of Management and a critical duty. Antaeus Travel Group is committed to:
◦ Ensuring the implementation of the Information Security Policy and its requirements.
◦ Approving, reviewing, and updating the Information Security Policy.
◦ Directing and supporting individuals who contribute to the effectiveness of the Information Security Management System.
◦ Supporting various roles in demonstrating leadership regarding information security.
◦ Ensuring mandatory information security awareness training for all staff.

The creation of an Information Security System aims to implement a set of protective measures and controls that safeguard information from both internal and external threats, as well as from intentional or accidental actions.
The implementation of the Information Security System aims to:
◦ Ensure the protection of all information systems of the Group and mitigate risks related to theft, loss, misuse, damage, or abuse of these systems.
◦ Ensure that users are aware of and comply with Policies and Procedures.
◦ Provide a secure working environment and secure information systems.
◦ Ensure that all users understand their responsibilities for protecting the confidentiality and integrity of the data they handle.
◦ Ensure training and awareness regarding information security for all employees.
◦ Protect the Group from any type of damage through the misuse of its IT facilities.
◦ Ensure a cycle of continuous improvement.
◦ Ensure the monitoring and investigation of any actual or suspected security incidents and data breaches.