Meru University of Science and Technology (MUST) is committed to protecting its information assets against all threats whether internal or external, deliberate or accidental by ensuring preservation of confidentiality, integrity and availability of information that guarantees business continuity, minimal business loss by detection and prevention of
security incidences.

In support of this commitment, the management of MUST shall ensure that this policy is implemented to meet the requirements of ISO/IEC 27001:2013 standard.

All MUST employees, customers and interested parties who have any involvement with
information and information assets covered within the ISMS scope shall be responsible for the implementation of this policy and shall have the support of MUST top management.

The top management of MUST shall review this policy at regular intervals for continual suitability.