Professional Documents
Culture Documents
Final Updated Form
Final Updated Form
kk i= gsrq tkudkjh
deZpkjh dk uke ------------------------------------------------------------------- ¼vk/kkj dkMZ ds vuqlkj½
firk@ifr dk uke----------------------------------------------------------------------------------------------------------------------------------
tUefrfFk ----------------------------------------- iq:’k@efgyk ---------------------------------------------------------------------------
fu;qfDr fnukWad ----------------------------- fookfgr@vfookfgr ----------------------------------------------------------------
fu;qfDr in -------------------------------------- Lo;a dk vk/kkj dkMZ uacj --------------------------------------------------
deZpkjh ds ?kj dk irk
LFkkuh;irk ----------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------
LFkkbZ irk -------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------
Qksu ua- ----------------------------------------------------------------------------------------------------------------------------------------------------
mRrjkf/kdjh dk uke @Nominee Name
Ukke firk@ifr dk uke tUefrfFk lac/k vk/kkj dkMZ ua-
ifjokj dk fooj.k
Ukke firk@ifr dk uke tUefrfFk lac/k vk/kkj dkMZ ua- fMLisUljh
dsna z
(TTBS), a company incorporated under the provisions of the Companies Act, 1956/2013 and
presently having its registered office at (Ganesh Galaxy City, 3rd Floor, Ayodhya
Bypass, Bhopal) (M.P.), on the FIRST PARTY;
AND
Mr/Ms/Mrs.____________________Son/Daughter/Wife of ___________________________
permanently residing at __________________________________________________ and is
entering and signing this Agreement as SECOND PARTY. Technotask Business Solutions and
__________________________ are collectively referred to as the "Parties" and each
individually as a "Party".
RECITALS:
A. The parties are into a commercial relationship of employer-employee and in some cases
principal-agent, depending upon the mutual agreement between them. This agreement
shall not be construed as appointment/engagement of any kind, but is limited to the
extent of non-disclosure of sensitive information and self-declaration of related parties
and indemnification/recovery from salaries/remuneration/fees/dues/other recovery
modes in case of financial loss to the first party.
B. The parties, particularly and exclusively the first party, based on their mutual
relationship, are exchanging certain information which is critical and peculiar to their
respective businesses and which needs to be safeguarded from being abused. Moreover,
first party and/or its clients have been a victim of financial losses due to
irregular/illegal/improper/unauthorized execution of work/disclosure of financial and
other sensitive information which needs to be indemnified (Recovered) by the
defaulting parties.
C. Further,the first party is facinf financial and reputational losses with regard to
irregular,immoral and illegal competition by the employees/agents/ex-employees,such
employees/agents/ex employees,who utilize the brand image of first party and wins
over the trust of the clients of the first party,illegallly utilize the resources and sensitive
information of the first party and incorporate smaller similar businesses and start
pitching the clients/prospective clients of the first party.this not only makes financial
losses to the first party but also brings reputational losses,as the clients/prospective
clients looses the trust towards the first party.
D. Pursuant to the aforesaid, the second party would have to self- declare that he/she is
related to any party, individual or incorporated entity, which have similar or same
business interest, as that of the first party and/or its clients and that if in case of any
unauthorized act of the second party, the first party and/or its clients suffers any
1
financial loss/implication, then the same liquidated amount shall be borne/recovered
from the defaulting party.
E. The Employee specifically agrees that for a period of one year after the employee is no
longer employed by the company, the employee will not engage, directly or indirectly,
either as proprietor, stockholder, partner, officer, employee or any otherwise, in the
same or similar activities as were performed for the company in any business within a
state where the company has offices or within the state where company has its clients
or the customers of clients which distributes or sells products or provides services
similar to those distributed, sold, or sells product or provides services similar to those
distributed, sold, provided by the company at any time during one(1) year preceding
the employee’s termination employment.
1. "Confidential Information" shall mean all information, virtual and physical form of
data, know-how, ideas, designs, documents, concepts, technology, manufacturing
processes, industrial, marketing, commercial knowledge, and other materials of a
confidential nature and includes but is not limited to, information of a commercial,
technical or financial nature which contains amongst other matters, trade secrets, know-
how, patent and ancillary information and other proprietary or confidential information.
2. Except as otherwise provided in this Agreement, the second party shall, at the time of
employment or during employment, disclose to the first party, any relationship with a
related company/individual, who has same or similar business interest as of the first
party and/or its clients. Further, the Receiving Party shall keep confidential all the
confidential Information of the Disclosing Party which:
(a) is disclosed, communicated or delivered to the Receiving Party in furtherance
to the Purpose for which the Parties are entering into negotiations/discussions;
(b) comes to the Receiving Party's knowledge or into the Receiving Party's
possession in connection with negotiations/discussions towards the Purpose,
irrespective whether such Confidential Information is received before or after the date
of this Agreement.
3. The Receiving Party shall inform the Disclosing Party of any disclosures to third
parties, prior to any such disclosure. The Confidential Information as disclosed to the
Receiving Party shall be kept strictly confidential and shall not be sold, traded,
published or otherwise disclosed to anyone in any manner whatsoever, without the prior
written consent/approval of the Disclosing Party
4. Each Party acknowledges that a breach of this Agreement by one Party may cause the
other Party irreparable damage for which monetary damages would not be an adequate
remedy. Accordingly, in addition to other remedies that may be available, a Party may
seek injunctive relief against such a breach or threatened breach. Further, any monetary
loss caused to the disclosing party shall be recovered. Further, unliquidated damages
may be claimed by the disclosing party from the defaulting party. The parties further
2
accept and understands, that such confidential information, relating to first party and/or
its client, if disclosed to the third party, may cause irreparable damages to the first party
and/or its client. Moreover, second party or his related party shall not compete with the
first party during agency/employment and even after that for a cooling period of 1 year.
Moreover, the second party undertakes that, after cessation of agency/employment,
he/she shall not solicit/poach other employees of the first party. such acts/abstainment
shall cause irreparable damages to the fist party. In such a case, the defaulting party
shall indemnify the first party to the tune of damages caused to it or its client due to
such unauthorized act of the defaulting party.
5. The parties further understand that in addition to the above civil remedy, the said
confidential information, tangible or intangible, if unauthorized utilized by the
receiving party, the same shall also attract penal provisions of Information Technology
Act, 2000 and also Indian Penal Code, 1860. Further, any intentional financial loss
caused to the first party shall attract penal provisions of Cheating and Criminal breach
of trust, as defined in Indian Penal Code, 1860.
6. This Agreement shall be effective and binding from (DOJ) and will continue until and
unless terminated in accordance with clause 7 herein.
7. This Agreement shall terminate upon the occurrence of the earlier of the following
events:
(a) by written agreement between the Parties;
(b) when either Party notifies the other in writing by a termination notice electing
to terminate this NDA from a prospective date. However, such notification
should have consent of the other party;
8. This Agreement shall be governed and construed in all respects in accordance with the
laws of India and the Courts of Bhopal, M.P. shall have exclusive jurisdiction to settle
any disputes.
Each party or representative of the party executing this Agreement represents that he/she
has the authority to enter into this Agreement and caused it to be effective as written above.
IN WITNESS WHERE OF THIS AGREEMENT was entered into the day and year first
above written.
3
Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
1.0 Initial Policy Info Sec Team Ashutosh Singh 02nd August 2021
Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
Contents
1 Introduction ...........................................................................................................................................................4
2 Objective ................................................................................................................................................................5
3 Scope .....................................................................................................................................................................6
4 Applicability ...........................................................................................................................................................7
4.1 Policy Dissemination ....................................................................................................................................7
5 Overview ................................................................................................................................................................8
5.1 Risk Assessment ...........................................................................................................................................8
5.2 Information Security Policy Review .............................................................................................................8
5.3 Human Resource Security ............................................................................................................................8
5.4 Formal Acknowledgement ...........................................................................................................................8
5.5 Network Security ..........................................................................................................................................8
5.6 Communication and operation management ..............................................................................................9
5.6.1 Email ........................................................................................................................................................9
5.6.2 Internet ....................................................................................................................................................9
5.6.3 Logs ..........................................................................................................................................................9
5.6.4 Licensed software ....................................................................................................................................9
5.6.5 Change Management ...............................................................................................................................9
5.6.6 Patch Management..................................................................................................................................9
5.6.7 Virus Protection .......................................................................................................................................9
5.7 Business Continuity ......................................................................................................................................9
5.8 Physical Security ...........................................................................................................................................9
5.9 Incident Management ................................................................................................................................10
5.10 Logical Security ...........................................................................................................................................10
5.11 Information Asset and Data Classification .................................................................................................10
5.12 Compliance.................................................................................................................................................10
6 GLOSSARY of Terms .............................................................................................................................................11
7 Roles and Responsibilities ...................................................................................................................................12
Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
1 Introduction
This policy document provides the framework to develop and disseminate an information security policy. This
policy document provides overview of the various security policies and procedures to be followed at all applicable
facilities of TECHNOTASK Pvt. Ltd Including its Affiliates, Subsidiary, and Associates (referred as TECHNOTASK
henceforth).
2 Objective
Security of IT infrastructure and its related assets such as, but not limited to Information, Computer Systems,
network elements and related services are important to Technotask Business Solutions. Hence it is essential that
effective and efficient security measures are followed within Technotask. The aim of this policy is to ensure
confidentiality, integrity and availability of information and its processing related to Technotask.
3 Scope
All information (Technotask and its clients) and information system of Technotask along with in-house supporting
activities including facility management.
4 Applicability
Information security is team effort and requires participation from user who deals with information and/or
information systems of Technotask. This Policy is applicable to all information and IT assets owned and/or
administered by/in Technotask. Every user with access to Technotask information and/or Information Assets shall
comply with Information Security Policy specified herein and related documents when working with Technotask.
The information security policy must be published and disseminated to all Technotask users with access to
Information and/or information systems.
5 Overview
The baseline for identifying and evaluating risks to be treated will be based on potential business impact of the
risk, if exercised. Business impact could be determined considering the loss to one or more of the following:
Service Disruption, revenue, Technotask repute etc. The risk assessment methodology will define the acceptable
level of risk beyond which risk will be treated. The organization will carry out an annual risk assessment process
Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
that would identify major strategic developments in the industry, emerging threats, & vulnerabilities, to business
and IT assets of the Technotask and report results in a formal risk assessment document.
The information security policy will be reviewed by representative of senior management at least annually and
updated as needed to reflect changes to business objectives or the risk environment.
All hiring shall be done after attentive scrutiny and due diligence. All Technotask personnel are required to attend
Information Security Program presented during Induction.
All resources are also required to acknowledge and sign Non-Disclosure Agreement with Technotask, binding them
not to divulge any Technotask information to unauthorized parties/personnel.
The organization should require employees to acknowledge in writing that they have read and understood the
Technotask’s security policy and procedures.
Technotask shall implement adequate measures to ensure Confidentiality, Integrity and Availability of Information
and Information assets.
All connections to Technotask network from external networks shall be segregated and protected.
Interconnectivity of networks between Technotask and third party (Vendors, Customers etc.) shall be provided
after authorization.
5.6.2 Internet
Internet access shall be provided to all employees of Technotask in line with Business requirements and IT policy.
5.6.3 Logs
Log files will be maintained for a period of one year (wherever it is technically feasible) or otherwise mentioned in
any other policy and/or requirement.
All server room and/or secure areas shall be physically segregated from other areas.
Physical access to Technotask and secure areas within the facility would be restricted to authorized users For more
details, please refer Physical Security Policy.
5.12 Compliance
At all times shall ensure their in-scope system and network components comply with various applicable regulatory
Document Name Information Security Document Number Technotask /
Policy ISMS /TTBS- 01
Classification Internal Document Status Released
Date of Release 2nd August 2021 Version Number 1.0
requirement and are assessed and certified by accreditation agency at regular intervals as required by respective
standard. Technotask is currently certified to following:
1) PCI-DSS
2) ISO 27001
6 GLOSSARY of Terms
Below is the glossary of terms/abbreviations used in this document:
Term/Acronym Explanation
CHD Card Holder Data
BC Business Continuity
IT Information Technology
HR Human Resources
Admin Administration
HoD Head of Department
The Technotask InfoSec is the owner of this document and is responsible for ensuring that this policy document is
reviewed in line with the review requirements stated above.
This policy was approved by the Board and is issued on a version-controlled basis under his/her signature.
Digitally signed by
Ashutosh Singh
Ashutosh Singh Date: 2021.08.02
11:12:56 +05'30'
Signature: Date: