IT Standards and ISO Compliance

EMAPTA is in the process of acquiring our ISO 27001 certification (formally known as ISO/IEC 27001:2005), the standard specification for Information Security Management System (ISMS).


As such, ISO compliant policies, processes and procedures are embedded in our operations to ensure Clients only get exceptional world-class service delivery. Below are the key aspects of our functions and processes:


Access Control

  • Computers authenticate against a Domain and Users have unique accounts
  • Network shares are controlled by Access Control Lists
  • Computer terminals are locked after five minutes of inactivity
  • Company backups are encrypted
  • Capability to disable USB storage devices

Information Security Incident Management

  • Network Monitoring Systems poll infrastructure, core services, and devices
  • In the event of a failure, our 24/7 Network Operations Centre is notified and address the issue in accordance with business impact

Risk Assessment

  • Bi-annual firewall penetration testing
  • Monthly system backup tests

Organising Information Security

  • Our IT Department operates with key guidelines tailored to each clients’ exact requirements
  • Processes are customised for each company’s specific requirements

Human Resources Security

  • Stringent HR screening policies ensure only suitable candidates are placed
  • Induction process incorporates security guidelines
  • Clearly documented staff exit procedures protect our client’s intellectual property

Physical and Environmental Security

  • All sites are located in buildings manned by security personnel on all entry and exit points
  • All EMAPTA sites and offices have Biometric authentication systems for verifying identity and controlling and recording all staff movements

Asset Management

  • Hard and soft assets are registered in our Asset Management database
  • Core equipment is secured in our climate controlled server rooms

Information Systems Acquisition, Development & Maintenance

  • EMAPTA’s IT Department implements security mechanisms for local workstations and servers and VPNs and VLANs for clients’ workstations
  • Workstations are protected by market-leading antivirus
  • Firewalls and public-facing devices are regularly patched and updated

Business Continuity Management

  • Multiple levels of redundancy in our Internet connectivity and core hardware including switches and firewalls
  • Disaster recovery and expansion options in Eastwood and Makati

ISO Compliance

  • Regular conduct of IT audits (firewall testing, and internal vulnerability scanning)
  • Multi-level testing and inspection of workstations prior to deployment to staff
  • Client installations checked against procedure document before ‘going live’