Information Security Policy


This policy defines the information security requirements for PTCL’s physical and logical assets. The policy acts as a compass to provide the strategic direction, framework and controls that are imperative to protect PTCL’s information assets from both internal and external threats; compromising data confidentiality, integrity or availability. 


This policy is applicable to all physical and digital information owned by PTCL including but not limited to hardcopy, softcopy, electronic information etc. This policy is applicable to people, process and technology systems that manage or interact with PTCL information.

Policy Statement

To continuously strive for the best quality and secured ICT services. This commitment includes but not limited to the following aspects to provides a high-level direction for the network and information security across PTCL:

  • All employees, contractors, trainees, consultants, third party service providers and vendors abide the obligation to protect information, assure customer privacy, and remain vigilant in preventing unauthorized or fraudulent activity.
  • All employees, contractors, trainees, consultants, third party service providers and vendors abide the commitment for provision of appropriate levels of security and continuity across all functions that hold corporate and customer information.
  • PTCL management and functional levels abide the commitment to develop, implement and improve information security framework, policies to enforce and monitor compliance to best global security controls, practices, regulatory and other applicable requirements.
  • PTCL management abide to demonstrate the due commitment to enable required resources for establishing information security objectives in line with policy and continual improvement of information security management system.
  • The requirements of the information security policy and associated cross-functional security policies/standards are mandatory across all functions to ensure compliance with international best practices and to promote a robust security conscious culture.