Introduction This cybersecurity policy aims to outline the measures that our business takes to protect our digital assets, including sensitive data, intellectual property, and financial records, against cybersecurity threats. This policy applies to all employees, contractors, and vendors who have access to our business’s digital assets. Scope This policy covers all digital assets owned, used, or operated by our business, including but not limited to: Computer systems Networks Software applications Data storage devices Cloud-based services Mobile devices Policy Our business takes the following measures to ensure the security of our digital assets:

Introduction The purpose of this incident response plan is to outline the steps that our business takes to respond to cybersecurity incidents promptly and effectively. This plan applies to all employees, contractors, and vendors accessing our business’s digital assets. Incident Response Team Our business establishes an incident response team, which includes: Incident Response Manager: Responsible for overseeing the incident response process Technical Expert: Responsible for technical investigation and analysis Communication Expert: Responsible for communicating with stakeholders and external parties

Introduction The purpose of this information security policy is to outline the standards and guidelines for protecting our business’s sensitive and confidential information. This policy applies to all employees, contractors, and vendors accessing our business’s information. Information Security Responsibilities Our business assigns the following responsibilities for information security: Information Security Manager: Responsible for overseeing the implementation and enforcement of this policy and the security of our business’s information. Employees: Responsible for complying with this policy and reporting any security incidents.

IT Security Policy for Small Business Introduction This IT security policy aims to outline the standards and guidelines for protecting our business’s information technology infrastructure and data. This policy applies to all employees, contractors, and vendors accessing our business’s IT systems. Information Security Responsibilities Our business assigns the following responsibilities for IT security: Information Security Manager: responsible for overseeing the implementation and enforcement of this policy and the security of our IT systems.