Product 1

    Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

    Get Started
    Previous Next

    Policy on IT (Information Technology) and Information Security

    This policy sets the security and usage rules for all Information Technology at Automated Design Xpress Sdn Bhd (ADeX). This includes internal hosting servers, cloud tools, and any AI applications. It applies to all employees, contractors, suppliers, customers, and any other external party ("Users") who interact with ADeX networks, systems, or data. The aim of this policy is to ensure all Users understand their obligations and to protect ADeX information assets against all threats, whether internal or external, accidental, or malicious.

    Information Security Principles

    >  1. Confidentiality - Ensuring information is only accessible to those authorized to have access.

    >  2. Integrity - Safeguarding the accuracy and completeness of information and processing methods.

    >  3. Availability - Ensuring authorised Users have access to information and associated assets when required.

    Policy Areas and User Responsibilities

    >  • Do handle customer or proprietary data ethically and only as required for the assigned job.

    >  • Do not use personal cloud storage, private email, or any unapproved tools for company data. Use a strong, unique password for every company account, and never share it, as this is the easiest way for hackers to gain entry.

    >  • At ADeX we use One Drive on Microsoft 365 (M365) for all official file storage and communication. M365 is our approved, secure platform, and one should not use personal file-sharing services, unless prior clearance from the Management. Users must report any actual or suspected data breach or loss immediately.

    >  • Do not install any unauthorised software in the Company IT asset, as it often contains security flaws or malware that can infect the entire network.

    >  • Users are responsible for ensuring any personally owned devices used for company work (where permitted by the Remote Working Policy) have up-to-date and active anti-malware protection.

    >  • Users must not share network passwords, attempt to install unauthorised network devices to unapproved public Wi-Fi networks for company business.

    >  • Do not ignore system alerts or suspicious emails.

    >  • Do not use any AI tool (including public chatbots) for processing sensitive company or customer data unless Management has approved it.

    >  • If a system gives a result that seems biased, wrong, or harmful, report it immediately to maintain system integrity. Furthermore, one must inform customers or partners interacting with a system where AI is making the key decisions, ensuring transparency.

    >  • Suppliers and partners must avoid harmful or discriminatory AI use and maintain transparency and accuracy in their outputs.

    >  • Any third-party tool including AI must be formally assessed, reviewed, and approved by the Management before integration or use in Company operations.

    All activity on company networks, servers, and cloud-based accounts must observe security compliance. Violating these rules may result in disciplinary action, up to and including job or contract termination, and/or legal action, as permitted by law. In the event of an observation or a suspicion of a violation of this policy, an AI system failure, or a security weakness, please report it immediately to Management at info@adex.com.my or relevant ADeX contact. This policy shall be reviewed by ADeX upon significant changes to the business, legal, or technical environment.

    Download Form

    PDF Preview

    Declaration Form