Policies

To ensure protection of the organization's data and assets that are shared with, accessible to, or managed by suppliers, including external parties or third-party organizations such as service providers, vendors, and customers, and to maintain an agreed level of information security and service delivery in line with supplier agreements.

To ensure that information security is designed and implemented within the development lifecycle for applications and information systems.

To define the methodology for assessing and managing Avala AI, Inc.’s information security risks in order to achieve the company’s business and information security objectives.

To prevent unauthorized physical access or damage to the organization’s information and information processing facilities.

To ensure the correct and secure operation of information processing systems and facilities.

This policy and associated guidance establish the roles and responsibilities within Avala AI, Inc., which is critical for effective communication of information security policies and standards.

The purpose of this policy is to communicate our information security policies and outline the acceptable use and protection of Avala AI, Inc.’s information and assets.

This document establishes the plan for managing information security incidents and events, and offers guidance for employees or incident responders who believe they have discovered, or are responding to, a security incident.

To ensure that personnel and contractors meet security requirements, understand their responsibilities, and are suitable for their roles.

To ensure that information is classified, protected, retained and securely disposed of in accordance with its importance to the organization.

To ensure proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of information. This policy establishes requirements for the use and protection of cryptographic keys throughout their entire lifecycle.

Develops and maintains a standard of conduct that is acceptable to the company and its employees, customers, and vendors.

The purpose of this business continuity plan is to prepare Avala AI, Inc. in the event of extended service outages caused by factors beyond our control (e.g., natural disasters, man-made events), and to restore services to the widest extent possible in a minimum time frame.

To identify organizational assets and define appropriate protection responsibilities. To ensure that information receives an appropriate level of protection in accordance with its importance to the organization. To prevent unauthorized disclosure, modification, removal, or destruction of information stored on media.

To limit access to information and information processing systems, networks, and facilities to authorized parties in accordance with business objectives.

EQUAL EMPLOYMENT OPPORTUNITY AND PROHIBITION ON AND PREVENTION OF DISCRIMINATION, HARASSMENT AND RETALIATION