The purpose of this policy is to:
1) Provide a security framework that will ensure the protection of AAB information from unauthorized access, loss, or damage while supporting the information-sharing needs of its dynamic culture.
2) Provide management with the necessary direction and support for information security within the AAB.
3) Define a suitable Information Security Organization Structure and define roles and responsibilities for coordination of Information Security activities within the organization.