• ENG
  • ISMS POLICY

    Ban Vien Corporation is a Trusted Technology Partner in Software Development & Embedded System development. As a reputable technology corporation, we recognize that it is critical for our sustainable business growth to implement the Information Security Management System (ISMS) that is designed to ensure adequate and appropriate security controls that maintain Confidentiality, Integrity and Availability of information assets. To address it, we have established the ISMS Policy that includes our basic policy on information security and are committed to making company-wide efforts to avoid any information security risks that may impact our business.

    1. PURPOSE

    The ISMS is designed to ensure adequate and appropriate security controls customized to the needs of Ban Vien Corporation. This policy specifies the requirements for establishing, implementing, monitoring, reviewing, maintaining, and improving documented ISMS within the context of the overall Business requirements.

    2. SCOPE

    The Scope of the ISMS covers all Ban Vien business activities and applies to all assets for the entire Ban Vien, which includes all active Ban Vien offices below:

    • Ho Chi Minh City Headquarters: Floor 2, Block B, Copac Square Building, No 12, Ton Dan Street, Ward 13, District 4, Ho Chi Minh City, Vietnam.
    • Van Phuc Office: No 1, Street 5, Van Phuc Residential Area, Hiep Binh Phuoc Ward, Thu Duc District, Ho Chi Minh City, Vietnam.
    • Danang Branch Office: Floor 7, ACB Building, No 218, Bach Dang Street, Phuoc Ninh Ward, Hai Chau District, Danang City, Vietnam.
    • Danang Branch Office: Floor 3, Thanh Loi Building, No 3, Le Dinh Ly Street, Vinh Trung Ward, Thanh Khe District, Danang City, Vietnam.
    • Hue Branch Office: Floor 8, HCC Building, No 28, Ly Thuong Kiet Street, Vinh Ninh Ward, Hue City, Vietnam.

    3. INFORMATION SECURITY INITIATIVES

    3.1 ISO/IEC 27001:2013 Certification

    BAN VIEN is committed to protecting its business from any information security risks. As part of this effort, we acquired ISO/IEC 27001:2013 certification for ISMS in December 2022. Having obtained this certification, we will endeavor to enhance our information security measures further, maintain, or augment our information security management, and earn additional trust from our customers.

    Organization Registered BAN VIEN CORPORATION
    Scope Of Registration Information Security Management System Relating to the Provision of Software Development and Software Outsourcing Services
    Applicable Standard ISO/IEC 27001:2013
    Certification Registration Number IS 781404
    Date Of Registration 03-Jan-2023
    Certificated By ANAB and IAF

    3.2 Risk analysis and risk assessment

    We detect, manage, and assess the information assets for threats and vulnerabilities. Based on the asset worth, threat, and vulnerabilities, the risk to them will be assessed. The implementation of sufficient controls is required when the risk value is high.

    3.3 Enhancement of information security

    We will develop and implement an ISMS to ensure adequate and appropriate security controls that uphold the confidentiality, integrity, and availability of information assets to stop information related to customers, vendors, management, etc., from being leaked, destroyed, or used illegally. Additionally, we offer all employees the necessary instruction and training to uphold and enhance the efficacy of the ISMS.

    3.4 Business Continuity Management

    We shall establish a contingency plan to secure business continuity, assuming a loss of critical premises caused by fire or lockdown due to Corona virus pandemic, network-related issues, or a large-scale infection disease, etc.

    3.5 Evaluation and review of information security measures

    We shall review the management and effectiveness of the ISMS on a regular basis for further improvement while making efforts to identify any incidents.