Skip to main content

Information Security Policy

The Company is committed to protecting its information, systems, and operations against cyber and information security risks. Information security supports safe ship operations, business continuity, and regulatory compliance, and is the responsibility of all personnel, ashore and onboard.

These principles apply to employees, officers, crew, contractors, and third parties who access Company information or systems.

  1. Information Security Principles
  • Company information shall be protected to ensure confidentiality, integrity, and availability (CIA).
  • Information security applies to office systems, vessel systems, IT and OT environments.
  • Compliance with applicable laws, regulations, and Company procedures is mandatory.
  • Information security is continuously reviewed and improved.
  1. Acceptable Use of Company Systems
  • Company IT systems, email, internet, and communications are provided for authorized business use only.
  • Users must act responsibly and professionally when using Company systems.
  • Unauthorized, illegal, or offensive use of Company systems is prohibited.
  • Security controls must not be bypassed.
  1. Account, Password & Access Security
  • User accounts are personal and must not be shared.
  • Passwords must be protected and kept confidential.
  • Access rights follow the principle of least privilege.
  • Administrator and privileged access is strictly controlled.
  • Onboard systems access is coordinated between Master and IT.
  1. Remote & Third Party Access
  • Remote access to Company or vessel systems requires prior approval.
  • Third-party access is granted solely when justified by business requirements and formally authorized.
  • All remote connections are controlled, monitored, and time limited where applicable.
  1. Clear Screen & Clean Desk
  • Workstations must be locked when unattended.
  • Sensitive information must not be left visible or unsecured.
  • Documents and devices must be protected and not being left unattended.
  1. USB & Removable Media
  • Use of USB storage and removable media is restricted.
  • Only authorized devices may be connected to Company systems.
  • Controls are in place to prevent malware infections and data loss.
  1. Backup & Information Resilience
  • Critical systems and data are backed up to support recovery and continuity.
  • Backup frequency and retention follow business risk and operational needs.
  • These measures support continuity of ship and office operations.
  1. Use of Artificial Intelligence (AI)
  • AI tools and chatbots must be used responsibly and lawfully.
  • Confidential Company or client information must not be uploaded, shared or processed through AI tools or external artificial intelligence platforms without prior authorization.
  • AI usage must comply with Company security, privacy, and ethical standards.
  1. Incident Reporting

All personnel must immediately report:

  • Any suspected phishing attempts or suspicious email communications.
  • Data loss or unauthorized access.
  • Cyber incidents or abnormal system behavior.
  • Reports should be made to the Master, IT Department, or Information Security Officer.
  1. Compliance
  • Adherence to Company Information & Information Security Policies is mandatory.
  • Failure to comply may result in disciplinary action and may impact safety and operations.

 

Chief Executive Officer