NUMERYX Tunisie’s information systems security policy is based on the following strategic priorities:

• Ensure compliance with internal, normative, legal, regulatory and contractual requirements (PIP, customers, etc.) in order to fully meet information security obligations.

• Reinforce training and continuous awareness-raising among employees to improve their understanding and management of safety issues, thus integrating a culture of safety into everyday life.

• Implement a process of regular assessment of information systems security performance and identify opportunities for continuous improvement to optimize security posture.

• Be attentive to the expectations of customers, subcontractors, etc., by actively responding to their specific safety needs and integrating their feedback into our safety strategy.

• Conduct ongoing security risk assessments and deploy appropriate mitigation measures to protect information assets against potential threats.

• Integrate safety measures into the initial phases of each project or activity to support growth while respecting our global safety strategy.

• Guarantee the protection of company data, as well as that of our customers and partners, by preventing accidental or intentional disclosure, alteration or loss.

• Ensure business and service continuity in the event of security incidents, by implementing effective and proven continuity plans.

• Maintain robust mechanisms to ensure traceability, non-repudiation and authentication of access to sensitive information.

• Comply with current regulations and relevant international standards to ensure appropriate information security management.

• Align information security initiatives with the company’s business objectives to effectively support operations and corporate strategy.

• Protect the company’s image and reputation, both internally and externally, by ensuring rigorous management of information security and fostering confidence among stakeholders.