TLS Logistic Inc. is committed to establishing, implementing, and continuously improving an Information Security Management System (ISMS) to protect the confidentiality, integrity, and availability of its corporate information assets. In this regard, the company adheres to the following principles:

• Assessing the information security requirements of relevant stakeholders and addressing these needs through comprehensive risk assessments and the implementation of appropriate controls.

• Developing and communicating policies, procedures, and instructions to effectively manage and control the risks associated with the ISMS.

• Raising awareness among employees regarding information security, ensuring an adequate number of personnel dedicated to the ISMS, or enhancing the knowledge and competencies of existing staff.

• Providing guidance and support to individuals to improve their contributions to the effectiveness of the ISMS.

• Facilitating the support of management roles within the ISMS to enable leaders to demonstrate effective leadership in their respective areas of responsibility.

• Allocating necessary resources to the ISMS, ensuring that risk levels remain within acceptable thresholds identified through risk assessments, and staying abreast of the latest technologies and innovations in information security to develop effective solutions.

• Identifying information assets, conducting thorough risk analysis, and selecting and implementing appropriate controls to effectively manage the identified risks.

• Creating and improving the "Statement of Applicability" by linking selected controls to those outlined in ISO 27001:2022 Annex A.

• Ensuring business continuity while safeguarding the information assets associated with all organizational activities.

• Continuously measuring the performance of implemented controls to evaluate their effectiveness.

• Initiating, monitoring, and managing activities to mitigate incidents in the event of any identified information security breaches within the ISMS.

• Conducting regular management review meetings to ensure the continuous improvement of the ISMS.

• Implementing corrective actions and preventive measures promptly to address any identified non-conformities.

• Conducting regular management review meetings to ensure the continuous improvement of the ISMS.

• Ensuring the dissemination, communication, and accessibility of policies to all relevant stakeholders, while keeping them current and effective.