Information Security Policy

1. Introduction & Purpose

Failure to secure and protect the confidentiality, integrity, and availability (CIA) of information assets in today’s highly networked environment can have a negative impact on organisations and result in legal and regulatory non-compliance.

Procera Group (Pty) Ltd, hereafter referred to as “Procera” or Organisation, will conduct business in compliance with applicable laws, rules, standards, and its values. The CIA of information assets are key to Proceras objectives. This policy sets to define how Procera intends to deal with information security.

2. Scope

This policy applies to employees of Procera Group (Pty) Ltd and its subsidiaries which include, Blake and Associates (Pty) Ltd, Procera (Pty) Ltd, Metonymy (Pty) Ltd, The Virtual Agent (Pty) Ltd, Traq Software (Pty) Ltd, Traq Technical (Pty) Ltd, Ctrlroom (Pty) Ltd, Maravedi Credit Solutions (Pty) Ltd, Blake and Associates Offshoring (Pty) Ltd, Retail Collection Service (Pty) Ltd, Connect BPS RSA (Pty)Ltd.

3. Statement

We are committed to delivering top-tier BPO services while aligning with ISO 27001:2022 and PCI-DSS standards. Our goal is to continuously improve in all areas while safeguarding information security. We strive to protect the CIA of information throughout our operations.

The Management Team is fully accountable for establishing, implementing, and maintaining information security standards by:

  • Compliance with ISO 27001:2022 and PCI-DSS objectives aligned with our strategic direction.
  • Promoting a risk-based and process-driven approach to identify, assess, and mitigate information security risks.
  • Fostering a culture of continuous improvement by addressing risks and opportunities related to information security.
  • Ensuring that information security standards are effectively communicated and understood across the organisation.
  • Enhancing staff competencies through appropriate training and development programs in information security.
  • Ensuring that we meet applicable legal, regulatory, and contractual requirements in relation to Information security.

4. Objectives

  • Continuously improve threat detection, incident response, and system integrity to deliver high-quality security services.
  • Increase client confidence by demonstrating strong security measures that protect sensitive data and reduce risks.
  • Implement cost-effective solutions to lower cybersecurity expenses without compromising protection.
  • Reduce financial risks from breaches, penalties, and reputational damage through better security practices.
  • Ensure compliance with international security standards to support global market operations.
  • Protect the organisation’s data from unauthorised access, loss, or misuse.
  • Ensure all users adhere to security policies and procedures.
  • Enhance the organisation’s capability to manage cyber threats effectively.
  • Regularly review and communicate security improvement initiatives.
  • Promptly address incidents to mitigate legal risks.

5. Disciplinary Disclaimer

Non-compliance, either intentionally or negligently may lead to an improvement request being issued as part of continuous improvement, or to disciplinary action in accordance with the Groups Disciplinary Procedure.

6. Validity & Document Management

This document shall be maintained in accordance with the Groups Document Control procedure.