iMerit Policies

This document includes the Code of Conduct, Anti-Harassment Policy and Information Security Management Systems policy for iMerit, Inc.

To work with iMerit as a consultant, it is important that you read, understand and follow the policies outlined in this document.

Introduction

The iMerit Code of Conduct was first formalized by our Founder and CEO Radha Basu. It articulates the values and ideals of the company that guide and govern the conduct of our company as well as our partners in all matters relating to business. iMerit has consistently adhered to these values and ideals since the inception of this organization in 2012. Today, the Code is a bedrock on which we base our individual, as well as leadership commitments to core iMerit values.

The iMerit Code of Conduct outlines our commitment to each of our stakeholders, including the communities in which we operate, and is our guiding light when we are sometimes faced with business quandaries that leave us at ethical junctions. The Code is also dynamic in that it has been periodically refreshed in order to remain up-to-date and contextual to the changes in law and regulations. However, it remains unaltered at its core.

Our reputation and success as a business entity has been defined by the powerful commitment and adherence to the core values and principles expressed in this Code, by all our staff members (employees and contractors), directors and partners. We trust every iMerit will continue to not only comply with the laws and regulations that govern our business interests around the world but will continue to set new standards of ethical conduct that will generate deep respect and inspire emulation by others.

Radha BasuChief Executive Officer

Our Core Values

iMerit has always been values-driven. The core values that underpin the way we conduct our business activities are:

Integrity Bring fairness and honesty to everything we do; being ethical without fail, and without hesitation.

Respect Actively listen to all of our stakeholders. Treat everyone fairly and respectfully. Encourage people to learn, share, and grow

Commitment Commit ourselves to striving for quality in everything we do, at all times. Measure ourselves always, recalibrate often

Dependability Deliver consistently on our commitments to company, colleagues and clients. Be trustworthy and resilient, even in chaotic times.

Flexibility Remain open to new ideas. Operate with the understanding that with each day comes a better, smarter, faster way of working.

Impact Create positive social and economic change throughout our communities, by always illuminating the opportunities that exists.

Scope and Purpose of this Code

Our Code of Conduct sets out how we behave with:

Our staff members - employees, contractors, apprentices – all those who work with us;
Our customers;
The communities and the environment in which we operate;
Our value-chain partners, including suppliers and service providers;
Our financial stakeholders;
The governments of the countries in which we operate.

This Code sets out our expectations of all those who work with us. We also expect those who deal with us to be aware that this Code underpins everything we do, and in order to work with us they need to act in a manner consistent with it.

In this Code, “we or us” means our company, our directors, officers, employees and those who work with us, as the context may require.

The term “our companies” in this Code typically means either our offices where iMerit intends for this Code to apply to, and/or to remote staff members to whom iMerit has issued this Code.

Our Core Principles

Our company was founded on the idea of bringing a diverse talent pool from underprivileged backgrounds into the digital workforce, and that the company should not be managed merely in the interests of their owners, but equally in those of their staff members, of the customers of their products, of the local community and finally of the country as a whole.

We are committed to operating our businesses conforming to the highest moral and ethical standards. We do not tolerate bribery or corruption in any form. This commitment reinforces everything that we do.
We seek to contribute to the economic development of the communities of the countries and regions we operate in, while respecting their culture, norms and heritage. We seek to avoid any project or activity that is detrimental to the wider interests of the communities in which we operate.
We are committed to good corporate citizenship and encourage social developmental activities as an integral part of our business plan.
When representing our company, we shall act with professionalism, honesty and integrity, and conform to the highest moral and ethical standards. In the countries we operate in, we shall exhibit culturally appropriate behavior. Our conduct shall be fair and transparent and be perceived as fair and transparent by third parties.
We do not use forced labor in any form. We do not employ children at our workplaces. We do not allow consumption of drugs or alcohol at the workplace.
We treat everyone, in our work environment, with dignity and respect.
We shall respect the human rights and dignity of all our stakeholders. We shall strive to balance the interests of our stakeholders, treating each of them fairly and avoiding unfair discrimination of any kind. The statements that we make to our stakeholders shall be truthful and made in good faith.
We shall not engage in any restrictive or unfair trade practices.
We do not tolerate any form of harassment and have clear policies for reporting and actionizing such issues.
Our work environment is built on tolerance, understanding, mutual cooperation and respect for individual rights to privacy.
We shall strive to create an environment free from fear of retribution to deal with concerns that are raised or cases reported in good faith.
We believe in freedom of association & recognize the rights of employees to form associations of their choice
We are committed to services of world-class quality that meet all applicable standards including local laws & statutory obligations.
We shall market our services on their own merits and do not make unfair or misleading statements about the services.
We respect our customers’ right to privacy in relation to their personal or official data.
We shall not enter into any activity constituting anti-competitive behavior with competitors.
We shall select our suppliers and service providers fairly and transparently who demonstrate similar values.
We expect the leaders of our businesses to demonstrate their commitment to the ethical standards set out in this Code through their own behavior and by establishing appropriate processes within their companies.
We shall comply with the laws of the countries in which we operate and any other laws which apply to us. With regard to those provisions of the Code that are explicitly dealt with under an applicable law or employment terms, the law and those terms shall take precedence. In the event that the standards prescribed under any applicable law are lower than that of the Code, we shall conduct ourselves as per the provisions of the Code.

Our employees and consultants

EQUAL OPPORTUNITY EMPLOYER

When recruiting, developing and promoting our staff members, our decisions will be based solely on performance, merit, competence and potential.

We shall have fair, transparent and clear staff policies which promote diversity and equality, in accordance with applicable law and other provisions of this Code. These policies shall provide for clear terms of employment, training, development and performance management.

HUMAN RIGHTS

We do not employ children at our workplaces.

We do not use forced labor in any form. We do not confiscate personal documents of our employees, or force them to make any payment to us or to anyone else in order to secure employment with us, or to work with us.

GIFTS AND HOSPITALITY

Business gifts and hospitality are sometimes used in the normal course of business activity. However, if offers of gifts or hospitality (including entertainment or travel) are frequent or of substantial value, they may create the perception of, or an actual conflict of interest or an ‘illicit payment’. Therefore, gifts and hospitality given or received should be modest in value and appropriate, and in compliance with our company’s gifts and hospitality policy.

DIGNITY AND RESPECT

Our leadership is responsible for creating a conducive work environment built on tolerance, understanding, mutual cooperation and respect for individual privacy.

Everyone in our work environment must be treated with dignity and respect. We do not tolerate any form of harassment, whether sexual, physical, verbal or psychological.

We have clear and fair disciplinary procedures, which necessarily include a staff member’s right to be heard.

We respect our staff members’ right to privacy. We have no concern with their conduct outside our work environment, unless such conduct impairs their work performance, creates conflicts of interest or adversely affects our reputation or business interests

ANTI-BRIBERY & ANTI-CORRUPTION

Our staff members and those representing us, including vendors, shall not, directly or indirectly, offer or receive any illegal or improper payments or comparable benefits that are intended or perceived to obtain undue favors for the conduct of our business. It is illegal and immoral to, directly or indirectly, offer or receive a bribe.

FREEDOM OF ASSOCIATION

We recognize that staff members may be interested in joining associations or involving themselves in civic or public affairs in their personal capacities, provided such activities do not create an actual or potential conflict with the interests of our company. Our staff members must contact us to discuss any case where these associations may create any conflict, as per the ‘Conflicts of Interest’ clause of this Code and in accordance with applicable company policies and law.

WORKING OUTSIDE EMPLOYMENT OR ENGAGEMENT WITH US

Taking employment, accepting a position of responsibility or running a business outside engagement with our company, in your own time, with or without remuneration, could interfere with your ability to work effectively at our company or create conflicts of interest. Any such activity must not be with any customer, supplier, distributor or competitor of our company.

Our staff members must notify us of any such activity as per the ‘Conflicts of Interest’ clause of this Code.

INSIDER TRADING

Our staff members must not indulge in any form of insider trading nor assist others, including immediate family, friends or business associates, to derive any benefit from access to and possession of price sensitive information that is not in the public domain. Such information would include information about our company, our group companies, our clients and our suppliers.

INTEGRITY OF INFORMATION ASSETS

Our staff members shall not make any willful omissions or material misrepresentation that would compromise the integrity of our records, internal or external communications and reports, including the financial statements.

Our staff members and directors shall seek proper authorization prior to disclosing company or business-related information, and such disclosures shall be made in accordance with our company’s media and communication policy. This includes disclosures through any forum or media, including through social media.

Our staff members shall ensure the integrity of personal data or information provided by them to our company. We shall safeguard the privacy of all such data or information given to us in accordance with applicable company policies or law.

Our staff members shall respect and protect all confidential information and intellectual property of our company.

Our staff members shall safeguard the confidentiality of all third party intellectual property and data. Our staff members shall not misuse such intellectual property and data that comes into their possession and shall not share it with anyone, except in accordance with applicable company policies or law.

Our staff members shall promptly report the loss, theft or destruction of any confidential information or intellectual property and data of our company or that of any third party.

CONFLICTS OF INTERESTS

Our staff members and executive directors shall always act in the interest of our company and ensure that any business or personal association including close personal relationships which they may have, does not create a conflict of interest with their roles and duties in our company or the operations of our company. Further, our staff members and executive directors shall not engage in any business, relationship or activity, which might conflict with the interest of our company or our group companies.

Should any actual or potential conflicts of interest arise, the concerned person must immediately report such conflicts and seek approvals as required by applicable law and company policy. The competent authority shall revert to the staff member within a reasonable time as defined in our company’s policy, so as to enable the concerned employee to take necessary action as advised to resolve or avoid the conflict in an expeditious manner.

In the case of all staff members other than executive directors, the Chief Executive Officer / Managing Director shall be the competent authority, who in turn shall report such cases to the Board of Directors on quarterly basis. In case of the Chief Executive Officer / Managing Director and executive directors, the Board of Directors of our company shall be the competent authority.

Notwithstanding such or any other instance of conflict of interest that exists due to historical reasons, adequate and full disclosure by interested staff members shall be made to our company’s management. At the time of appointment in our company, our staff members and executive directors shall make full disclosure to the competent authority, of any interest leading to an actual or potential conflict that such persons or their immediate family (including parents, siblings, spouse, partner, children) or persons with whom they enjoy close personal relationships, may have in a family business or a company or firm that is a competitor, supplier, customer or distributor of, or has other business dealings with, our company.

If there is a failure to make the required disclosure and our management becomes aware of an instance of conflict of interest that ought to have been disclosed by a staff member or executive director, our management shall take a serious view of the matter and consider suitable disciplinary action as per the terms of employment or engagement. In all such matters, we shall follow clear and fair disciplinary procedures, respecting the staff member ’s right to be heard.

PROHIBITED DRUGS AND SUBSTANCES

Use of prohibited drugs and substances creates genuine safety and other risks at our workplaces. We do not tolerate prohibited drugs and substances from being possessed, consumed or distributed at our workplaces, or in the course of company duties.

Our consultants should not post any information about iMerit work on social media.

Our customers

SERVICES

We are committed to services of world-class quality that meet all applicable standards.

The services we offer shall comply with applicable laws, including statutory obligations.

We shall market our services on their own merits and not make unfair or misleading statements about the services of our competitors.

DEALING WITH CUSTOMERS

Our dealings with our customers shall be professional, fair and transparent.

We respect our customers’ right to privacy in relation to their personal data. We shall safeguard our customers’ personal data, in accordance with applicable law.

FAIR COMPETITION

We support the development and operation of competitive open markets and investment in each country and market in which we operate.

We shall not enter into any activity constituting anti-competitive behavior such as abuse of market dominance, collusion, participation in cartels or inappropriate exchange of information with competitors.

We collect competitive information only in the normal course of business and obtain the same through legally permitted sources and means.

Our community and environment

COMMUNITY

We engage with the community and other stakeholders to minimize any adverse impact that our business operations may have on the local community and the environment.

We encourage our workforce to volunteer on projects that benefit the communities in which we operate, provided the principles of this Code, where applicable, and in particular the ‘Conflicts of Interest’ clause are followed

Our mission is to help underserved communities worldwide build meaningful careers in the technology industry.

ENVIRONMENT

We seek to prevent the wasteful use of natural resources and are committed to improving the environment, particularly with consumption of water and energy, and the management of waste and hazardous materials. We shall endeavor to offset the effect of climate change in our activities.

Our value chain partners

We shall select our suppliers and service providers fairly and transparently.

We seek to work with suppliers and service providers who can demonstrate that they share similar values. We expect them to adopt ethical standards comparable to our own.

Our suppliers and service providers shall represent our company only with duly authorized written permission from our company. They are expected to abide by the Code in their interactions with, and on behalf of us, including respecting the confidentiality of information shared with them.

We shall ensure that any gifts or hospitality received from, or given to, our suppliers or service providers comply with our company’s gifts and hospitality policy.

We respect our obligations on the use of third party intellectual property and data.

Zero tolerance ethical issues

Resorting to fraudulent / unprofessional / unethical activities or work methods at work and indulging in such activities.
Manipulation of data / information to misguide, misrepresent and cover up any unethical ways adopted for work.
Misuse / misrepresentation of working hours to cover up loss of working hours
Use coercion / threat / peer pressure or any other form of force to make colleagues / team members to refrain from reporting any unethical practices to management.
Engaging in unethical behavior or such practices will not be expected or tolerated under any circumstances.

Data & IT security

On initially joining or engaging with iMerit, staff members are required to familiarize themselves with the iMerit’s Information Security Management System policies, understand and commit to the role they play in the implementation of those policies through participation in the ISMS training program or through review of ISMS training material.

Staff members must refresh their understanding of those policies and re-acknowledge their commitment to their implementation annually.

Office Decorum

All staff members are expected to conduct themselves in a professional and respectful manner during office hours, be it in office or working remotely.
All staff members are requested to keep their mobile on silent /vibration mode when working from the office during office hours.
No staff member is allowed to misbehave with any guest / customer or with peers / reportees in the office premise.
Every staff member must maintain hierarchical order & in case of any grievance, must follow the same to address.
All staff members must maintain company privacy and secrecy.
All staff members should be presentably dressed and accessorized when working in the office or participating in remote meetings.
Every staff member should maintain a proper decorum, peace and a harmonious work environment in the office.
Every staff member should maintain a healthy work environment

Raising concerns

We encourage our staff members, customers, suppliers and other stakeholders to raise concerns or make disclosures when they become aware of any actual or potential violation of our Code, policies or law. We also encourage reporting of any event (actual or potential) of misconduct that is not reflective of our values and principles.

If you become aware of any misconduct, please contact your Relationship Manager. In the event that this is not a suitable channel, please contacthr@imerit.net, or use any other reporting channel set out in our company’s ‘Whistleblower’ policy, available here.

We do not tolerate any form of retaliation against anyone reporting legitimate concerns. Anyone involved in targeting such a person will be subject to disciplinary action. If you suspect that you or someone you know has been subjected to retaliation for raising a concern or for reporting a case, we encourage you to promptly contact your Relationship Manager.

Accountability

This Code is more than a set of prescriptive guidelines issued solely for the purpose of formal compliance. It represents our collective commitment to our value system and to our core principles. Every person employed by us, directly or indirectly, should expect to be held accountable for his/her behavior. Should such behavior violate this Code, they may be subject to action according to their employment terms and relevant company policies. When followed in letter and in spirit, this Code is ‘lived’ by our employees as well as those who work with us. It represents our shared responsibility to all our stakeholders, and our mutual commitment to each other.

Note on the limitation of this Code of Conduct

The Code does not provide a comprehensive and complete explanation of all expectations from a company standpoint or obligations from a stakeholder standpoint. Our staff members have a continuing obligation to familiarize themselves with all applicable law, group-level advisories and policies, company-level policies, procedures and work rules as relevant. For any guidance on interpretation of the Code, we may seek support from our company’s HR, as appropriate. This version of the Code of Conduct supersedes all earlier versions and associated documents and stands. For any query or clarification on the Code, please contact respective location HR staff or relationship managers.

Anti-Harassment Policy

This workplace harassment policy emphasizes a commitment to a harassment-free environment. It prohibits intimidation, humiliation, sabotage, and discrimination based on various factors. This policy defines harassment, provides examples, and outlines procedures for reporting and addressing harassment, with consequences for violations.

Overview

It is iMerit 's policy to prohibit intentional and unintentional harassment of or against job applicants, contractors, interns, volunteers or other staff members by another staff member, supervisor, vendor, customer or any third party on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information or any other characteristic protected by applicable federal, state or local laws (referred to as "protected characteristics"). Such conduct will not be tolerated by iMerit.

The purpose of this policy is not to regulate our staff members' personal morality, but to ensure that no one harasses another individual in the workplace, including while on Company premises, while on Company business (whether or not on Company premises) or while representing the Company. In addition to being a violation of this policy, harassment or retaliation based on any protected characteristic as defined by applicable federal, state, or local laws also is unlawful. For example, sexual harassment and retaliation against an individual because the individual filed a complaint of sexual harassment or because an individual aided, assisted or testified in an investigation or proceeding involving a complaint of sexual harassment as defined by applicable federal, state, or local laws are unlawful.

Harassment Defined

Harassment, as outlined in this policy, encompasses unwelcome verbal, visual, or physical conduct that belittles or demonstrates hostility or aversion towards an individual due to any actual or perceived protected characteristic. Furthermore, it includes behavior that has the intent or consequence of unreasonably impeding an individual's work performance or fostering an intimidating, hostile, or offensive working atmosphere.

Harassment can be verbal (including slurs, jokes, insults, epithets, gestures or teasing), visual (including offensive posters, symbols, cartoons, drawings, computer displays, text messages, social media posts or emails) or physical conduct (including physically threatening another, blocking someone's way, etc.). Such conduct violates this policy, even if it does not rise to the level of a violation of applicable federal, state or local laws. Because it is difficult to define unlawful harassment, staff members are expected to behave at all times in a manner consistent with the intended purpose of this policy.

Policy Brief & Purpose

iMerit’s Anti-harassment policy expresses commitment to maintain a workplace that is free of harassment. iMerit’s policy is to prohibit intentional and unintentional harassment of any individual by another person on the basis of any classification including, but not limited to, actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, sex, disability or handicap, pregnancy, marital status, veteran status, sexual orientation, civil union status, gender identity, or any other characteristic protected by applicable National or State laws. The purpose of this policy is not to regulate our staff members' personal morality, but to ensure that in the workplace, individuals or teams do not harass another individual.

Such behavior may include but not limited to:

Derogatory name-calling.
Verbal threats, insults and jokes.
Display of offensive material.
Exclusion from normal workplace conversation or activities.
Physical attack.
Encouraging others to commit any such acts.
Differential treatment within the team by managers
Biased opinions and opportunities by leads/managers/leadership
Unequal hiring or growth opportunities.

iMerit is an Equal Opportunity Employer and does not discriminate on the basis of actual or perceived race, color, national origin, ancestry, disability, sexual orientation & gender (which includes medical conditions related to pregnancy, childbirth, breastfeeding). Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, staff member activities and general treatment during engagement.

To report any kind of harassment related to sexual harassment, please see the Reporting and Investigative Procedures section below, which provides a method to raise a grievance anonymously with all grievances and information regarding the complaint & the complainant kept as confidential. The information will be shared only on a need-to-know basis during the resolution process.

Policy Elements

Harassment includes bullying, intimidation, direct insults, malicious gossip and victimization. The following circumstances (not limited to) can be considered as harassment.

Racial harassment - Racial harassment is an incident or a series of incidents intended or likely to intimidate, offend or harm an individual or group because of their ethnic origin, color or race.
Gender-based harassment- Gender-based harassment is a serious issue that affects individuals in the workplace (irrespective of gender)or their communities. Gender-based harassment is an umbrella term and can take many forms including physical, psychological, sexual or economic harm – and is characterized by being directed at a person because of their sex or gender, or by disproportionately affecting persons of a particular sex or gender.
**If harassment is of a sexual nature,**please review our Sexual Harassment policy and check if the particular grievance will fall under the same.
Harassment based on national origin - This involves treating staff members unfavorably because they are from a particular country or part of the world, because of ethnicity or accent, or because they appear to be of a certain ethnic background (even if they are not).
Harassment for physical or mental disability – When a staff member is treated unequally or unfavorably because of any form of disability, this will be considered harassment.
Religious Harassment - Religious harassment is unequal treatment of an individual or group based on their beliefs.

Addressing Harassment

If a staff member feels that he or she has been subjected to any staff member conduct/ behavior which violates this policy, they should immediately report the matter to the immediate supervisor along with that it should also be informed to the respective HR.
If the staff member is unable to contact the immediate supervisor person for any reason, or if the staff member has not received a satisfactory response within five (5) business days after reporting any incident of what the staff member perceives to be harassment, the staff member should contact the next level supervisor along with that it should also be informed to the respective location HR.
If the person toward whom the complaint is directed is one of the individuals indicated above, the staff member can intimate the same to his functional head directly. At the same time, it should be intimated to the Head of HR. The Functional Head and Head of HR both will analyze and resolve the same at earliest. Every staff member must maintain hierarchy for intimating any incident. Unnecessary superseding of hierarchy is not encouraged in any case.

Any kind of harassment which is non sexual and is not related to sexual harassment should be reported to your Relationship Manager. In the event that this is not a suitable channel, please contact hr@imerit.net. The individual who has raised the grievance will remain anonymous & the redressal proceedings will be kept confidential to the extent reasonable or possible. All complainants will be protected from adverse consequences for raising a complaint and will be allowed to be anonymous.

Confidentiality Clause

All complaints and investigations will be treated confidentially, and information will be disclosed on a strictly need-to-know basis, with the advance consent of the complainant. The identity of the complainant is only revealed to the parties involved in the investigation process unless otherwise discussed with the complainant. All information pertaining to the anti-harassment complaint or investigation are maintained in secure files in the HR department. Failure to maintain confidentiality will result in disciplinary measures. Where information needs to be reported outside the company, this will be done without sharing any details that could reveal the identity of those involved.

Disciplinary Consequences

Punishment for harassment depends on the severity of the offense and may include reprimands, suspensions or termination.

Violation of this policy including any improper retaliatory conduct will result in disciplinary action. All staff members must cooperate with all investigations.

Report

The entire incident has to be reported in detail and documented and kept in file for company records and future references, which will be confidential and can be accessible only by the HR when required.

Training & Communication

The HR department shall notify the existence and contents of this policy to all staff members of the Company and create awareness.

Sexual Harassment Defined

Sexual harassment can include all of the above actions, as well as other unwelcome conduct, such as unwelcome or unsolicited sexual advances, requests for sexual favors, conversations regarding sexual activities and other verbal, visual or physical conduct of a sexual nature when:

submission to that conduct or those advances or requests is made either explicitly or implicitly a term or condition of an individual's employment; or
submission to or rejection of the conduct or advances or requests by an individual is used as the basis for employment decisions affecting the individual; or
the conduct or advances or requests have the purpose or effect of unreasonably interfering with an individual's work performance or creating an intimidating, hostile or offensive working environment.

Examples of conduct that violate this policy include:

unwelcome flirtations, leering, whistling, touching, pinching, assault, blocking normal movement;
requests for sexual favors or demands for sexual favors in exchange for favorable treatment;
obscene or vulgar gestures, posters or comments;
sexual jokes or comments about a person's body, sexual prowess or sexual deficiencies;
propositions or suggestive or insulting comments of a sexual nature;
derogatory cartoons, posters and drawings;
sexually-explicit emails, text messages or voicemails;
uninvited touching of a sexual nature;
unwelcome sexually-related comments;
conversation about one's own or someone else's sex life;
conduct or comments consistently targeted at only one gender, even if the content is not sexual; and
teasing or other conduct directed toward a person because of the person's gender.

Reporting and Investigation Procedures

The confidential & protected disclosure of complaints can be in form of emails along with supporting documents to be sent at shpc@imerit.net, which is the email center for all sexual harassment complaints. Depending on the severity of the complaint an Internal complaints committee (ICC) or an external Complaints committee (ECC) will be formed which will do the investigation procedure.

The Internal Complaints Committee will be a body, which will have senior members who are not directly involved with the complaint. The External Complaints Committee (ECC) will have members from Internal senior members and external consultants who are not directly involved with the complaint.

On receipt of complaint, the ICC/ECC shall decide the place and time for hearing the complaint and shall intimate the date, time and place of hearing to the Complainant and Respondent. The ICC/ECC shall follow the principle of Natural Justice while handling such complaints. The Internal Complaints Committee on receipt of such written complaint, may, if required, ask the aggrieved person to furnish additional information about the alleged harassment.

All Confidential & Protected Disclosure shall be addressed to the ICC/ECC and shall be treated with absolute confidentiality under all aspects. The identity of the complainant shall remain confidential in all circumstances to maintain his/her sanctity and security at all levels.

The Complainant may or may not disclose his/her identity at their sole discretion. Anonymous communication shall also be dealt with equal importance and weightage.

Every complaint/communication received shall be viewed in its own significance and shall be investigated by the investigators, as stated above.

There is no timeline defined for investigation of the case and will purely depend on the severity and intensity of the case. All staff members must cooperate with all investigations conducted pursuant to this policy.

Retaliation prohibited

In addition, the Company will not allow any form of retaliation against individuals who report unwelcome conduct to management or who cooperate in the investigations of such reports in accordance with this policy. If the staff member has been subjected to any such retaliation, the staff member should report it in the same manner in which the staff member would report a claim of perceived harassment under this policy.

Violation of this policy including any improper retaliatory conduct will result in disciplinary action, up to and including termination.

Confidentiality clause

All complaints and investigations will be treated confidentially and information will be disclosed on a strictly need-to-know basis, with the advance consent of the complainant. The identity of the complainant is only revealed to the parties involved in the investigation or redressal process unless otherwise discussed with the complainant. All information pertaining to the sexual harassment complaint or investigation are maintained in secure files in the HR department. Failure to maintain confidentiality will result in disciplinary measures. Where information needs to be reported outside the company, this will be done without sharing any details that could reveal the identity of those involved.

Anonymity

All complainants will be protected from adverse consequences for raising a complaint and will be allowed to be anonymous.

Information security management system (ISMS) policies

Overview of ISMS

The Information Security Management System, also known as ISMS, is a formal management practice to safeguard the security of information assets through people, processes, and technology.

ISO 27001 is one such standard that –

Guides us to maintain the data that we work safely and responsibly.
Helps us create our organization’s own Information Security Management System
Ensure the organization’s information remains secure.
It gives us the dos and don’ts to be followed to ensure confidentiality, integrity, and availability of every bit and piece of information.

Third-party auditors check whether the controls are in place according to the standards and also take stock of the knowledge and behavior of the staff in regard to following the security measures of the organization.

Why is ISMS important?

“Security is everyone’s responsibility”.

The onus is on each and every staff member to help safeguard the organization’s security.
iMerit, is a digital data services company that deals with a plethora of data every day.
A significant chunk of this data belongs to clients who trust us with their sensitive data.
It is therefore absolutely imperative for us to convince our clients that their data lies safe with us.

The Structure of ISMS

There is a formal structure to officially handle the security processes of the organization.
The CISO is the highest point of escalation for security incidents and overlooks the organization's information, cyber, and technology security.
The CISO's responsibilities include developing, implementing, and enforcing security policies to protect critical data.

Our security policies

A security-aware staff member is someone aware of the security norms followed by the organization and can identify any incident of violation or breach of security with clarity.

Therefore, every staff member must familiarize themselves with iMerit’s security policies.

Types of Security

Security can be broadly classified into two types –

Staff should be ever vigilant of the security norms and never compromise with the physical and data security measures and neither let others falter over embracing security as a normal, and standard practice.

Check Points

An ISMS-certified organization must ensure its processes and people are conducive to maintaining information security within the organization.

People refer to the staff members and stakeholders responsible for maintaining information security.

Processes refer to the policies and procedures that guide information security practices, and technology refers to the tools and solutions used to protect information assets.

Confidentiality, Integrity, and Availability are the three pillars of information security.
Never share your credentials for accessing iMerit systems with anyone.
Client information should be shared on a need-to-know basis.
Treat client data as confidential and do not share screen grabs of the actual work via chat or email with unauthorized people.
If you want to share an error message, make sure you don’t have a screenshot of the client task attached to it.
If you have to send a screenshot blur the actual task to prevent any sensitive information from getting disclosed inadvertently.
Always share client information with authorized people via email.
Our emails are encrypted and thus reduce the risk of information being hijacked.
When working from an iMerit office, do not carry any personal storage devices into the premises.
Do not use the internet in a way that violates iMerit’s policies when using iMerit provided equipment or working on iMerit tasks.

While working from home

Working from home comes with its own share of advantages and disadvantages. Be extra careful about data security while working from home and always remember to -

Follow and adhere to the Work from Home policy of I Merit.
Log-in and Log-out as scheduled using appropriate log-on and sign-off procedures.
Use a VPN to log in to the tasks.
While working, do not leave your system unattended.
Do not share office information (client name, nature of work) with anyone outside work.
Take care of the office assets.
Raise an incident as soon as there is an exception to uneventful functioning.

Incident reporting

An incident is any phenomenon that can be described as an exception to what is normal. Any breach in the physical or information security system of iMerit is an exception that is termed an incident.

Incidents or breaches are thus mistakes that should be corrected immediately but a good security system doesn’t stop at that. It is equally important to know WHY an incident took place to be able to prevent it from recurring in the future.

If you come across any breach in physical or information security –

Do raise an incident via the Ivantiportal - https://imerithelp.ivanticloud.com/ so that the issue can be resolved immediately.
You can also mail your concern to the information security team (infosec@imerit.net) and copy your Project Manager.

To summarize

DO display ID cards at all times when present within iMerit premises.
DO log-off your PC when you leave.
DO use iMerit resources (laptops, desktops, email) for business purposes only.
DO use a minimum of 8 character-long complex passwords (a combination of alphabets, numerals, and special characters) and change passwords at least once every ninety (90) days.
DO delete messages that are no longer needed for business purposes from the mailbox on a regular basis.
DO dispose of sensitive documents properly
DO report all security incidents to your Team Lead/ Project Manager and raise a Security Incident in the Ivanti portal.
DO Ensure all staff access is removed immediately from any client tool on the last working day.
DO keep all project-related files in secure places with restricted access.
DO clear your desk and clear your screen when moving away from your desk.

PreviousProject Release and Termination NextProprietary Information Agreement

Last updated 4 months ago

hashtagIntroduction

hashtagOur Core Values

hashtagScope and Purpose of this Code

hashtagOur Core Principles

hashtagOur employees and consultants

hashtagEQUAL OPPORTUNITY EMPLOYER

hashtagHUMAN RIGHTS

hashtagGIFTS AND HOSPITALITY

hashtagDIGNITY AND RESPECT

hashtagANTI-BRIBERY & ANTI-CORRUPTION

hashtagFREEDOM OF ASSOCIATION

hashtagWORKING OUTSIDE EMPLOYMENT OR ENGAGEMENT WITH US

hashtagINSIDER TRADING

hashtagINTEGRITY OF INFORMATION ASSETS

hashtagCONFLICTS OF INTERESTS

hashtagPROHIBITED DRUGS AND SUBSTANCES

hashtagCOMPLY WITH SOCIAL MEDIA POLICY

hashtagOur customers

hashtagSERVICES

hashtagDEALING WITH CUSTOMERS

hashtagFAIR COMPETITION

hashtagOur community and environment

hashtagCOMMUNITY

hashtagENVIRONMENT

hashtagOur value chain partners

hashtagZero tolerance ethical issues

hashtagData & IT security

hashtagOffice Decorum

hashtagRaising concerns

hashtagAccountability

hashtagNote on the limitation of this Code of Conduct

hashtagAnti-Harassment Policy

hashtagOverview

hashtagHarassment Defined

hashtagPolicy Brief & Purpose

hashtagPolicy Elements

hashtagAddressing Harassment

hashtagConfidentiality Clause

hashtagDisciplinary Consequences

hashtagReport

hashtagTraining & Communication

hashtagSexual Harassment Defined

hashtagReporting and Investigation Procedures

hashtagRetaliation prohibited

hashtagConfidentiality clause

hashtagAnonymity

hashtagInformation security management system (ISMS) policies

hashtagOverview of ISMS

hashtagWhy is ISMS important?

hashtagThe Structure of ISMS

hashtagOur security policies

hashtagTypes of Security

hashtagCheck Points

hashtagWhile working from home

hashtagIncident reporting

hashtagTo summarize