Information Security Policy

Last updated: January 2026

1. Our Commitment

Information security is fundamental to how we operate. The clients we serve, across Healthtech, BFSI, Fintech, Airlines, Telco, EdTech, and OTT/Gaming, rely on us to handle their information with the highest standards of care. To meet that expectation, we operate an Information Security Management System (ISMS) designed against the requirements of ISO/IEC 27001:2022 and applicable regulatory requirements.

IGS is currently in the process of formal certification of the ISMS against ISO/IEC 27001:2022. Until the certificate is issued, IGS does not represent itself as certified; the standard is used as the framework against which the ISMS is designed and operated.

2. Scope

The ISMS applies to the provision of Quality Engineering services, comprising Test Consulting & Advisory, Functional Testing, Test Automation, Non-Functional Testing, and operation of the Digital Assurance Lab, delivered from the IGS Bengaluru office, together with the supporting HR, IT, Finance, Business, Admin, and Leadership functions.

3. Framework and Applicable Law

The IGS ISMS is designed against:

  • ISO/IEC 27001:2022 (Information Security Management Systems) and ISO/IEC 27002:2022 (Information Security Controls).
  • The Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 (POSH).

4. Our Commitments

Through the ISMS, IGS is committed to:

  • Protecting information assets entrusted to us by clients, personnel, and partners.
  • Managing information security risk through a documented, repeatable process aligned with the IGS risk appetite.
  • Complying with applicable legal, statutory, regulatory, and contractual requirements in every jurisdiction we operate in and every sector we serve.
  • Preventing and responding to information security incidents through defined procedures, prepared personnel, and continuous monitoring.
  • Developing security awareness across every team through structured training.
  • Continually improving the ISMS through internal audit, management review, incident learning, and stakeholder feedback.

5. Responsibility

The Chief Information Security Officer (CISO) is accountable for the ISMS. Every IGS employee, contractor, and authorised third party is responsible for complying with the ISMS and the topic-specific policies that support it.

6. Review and Communication

This policy is reviewed at least annually and on any material change to the organisation, its services, or the regulatory landscape. It is communicated internally to all personnel and published on the IGS website for the awareness of clients, partners, regulators, and other interested parties.

7. Contact

For questions relating to information security at IGS, please contact us at security@igsglobal.com.

Form Submitted Successfully!