At Safe Welkin Limited, we are committed to the implementation and continual improvement of an Integrated Management System (IMS) that encompasses Information Security, Business Continuity, Quality Management, and Data Privacy in alignment with the requirements of ISO/IEC 27001:2022, ISO 22301:2019, ISO 9001:2015, and the Nigeria Data Protection Act, 2023.

The Board and Management of Safe Welkin Limited, an audit, risk and compliance firm are committed to preserving the confidentiality, integrity, availability and privacy of all physical and electronic information assets throughout the organisation, to safeguard its assets, legal, regulatory, as well as contractual, compliance, and image.

The Integrated Management Systems (ISO 27001, ISO 22301 and ISO 9001) requirements will continue to be aligned with organisational goals and are also intended to be an enabling mechanism for information sharing, electronic operations, and reducing information & technology-related risks to acceptable levels.

Safe Welkin’s current strategy and Integrated Management System (IMS) provide the context for identifying, assessing, evaluating, and controlling information/process-related risks through the establishment and maintenance of the IMS. The risk assessment and risk treatment plan capture how identified risks are controlled in alignment with Safe Welkin’s risk management strategy. • Business continuity and contingency plans, data backup procedures, systems access control, and information security incident reporting are fundamental to this policy. All employees of Safe Welkin shall have the responsibility of reporting incidents. • Information security education, quality management awareness and training are made available to all stakeholders. • All employees of Safe Welkin and external parties identified in the Management Systems are expected to comply with this policy. • The IMS shall be subject to continuous and systematic review with improvements adopted, where necessary. • Management is committed to the continual improvement of the IMS in the organisation. • Breach of the policy or security mechanism may warrant disciplinary measures, up to and including termination of contract, as well as legal action in line with the Cybercrime Prohibition Act 2015.

Safeguard the confidentiality, integrity, and availability of all information assets and client data; • Maintain adequate controls and business continuity procedures to ensure the uninterrupted delivery of our services. • Consistently deliver high-quality certification and assurance services that meet client expectations and applicable requirements; • Foster a culture of continuous improvement, risk-based thinking, and innovation; • Comply with all relevant statutory, regulatory, and contractual obligations, including data privacy laws and industry codes of conduct; • Equip our workforce with the training, resources, and awareness needed to uphold these principles in their day-to-day operations.