the Cybersecurity Policy for Ziggurah :

---

### Cybersecurity Policy

*Company Name*: ZIGGURAH LLC  

*ID Number*: 067178733  

*Date of Establishment*: November 15, 2023  

*Location*: 30 N Gould St Ste R Sheridan, WY 82801 USA

*MSB License Number*: 31000273780337  

---

#### 1. *Introduction*

Ziggurah is committed to ensuring the highest standards of cybersecurity to protect our systems, data, and customer information from cyber threats. This policy outlines the measures we will implement to safeguard our digital assets and maintain the integrity of our platform.

#### 2. *Objectives*

- Protect the confidentiality, integrity, and availability of data.

- Ensure the security of all information systems and networks.

- Mitigate risks associated with cybersecurity threats.

- Comply with all relevant laws and regulations.

#### 3. *Scope*

This policy applies to all employees, contractors, and third-party service providers who have access to Ziggurah’s information systems and data.

#### 4. *Governance and Responsibilities*

4.1 *Chief Information Security Officer (CISO)*:

- The CISO will oversee the implementation and maintenance of the cybersecurity program.

- The CISO will report regularly to senior management on cybersecurity matters.

4.2 *Employee Responsibilities*:

- Employees are responsible for following cybersecurity policies and procedures.

- Employees must report any suspicious activities or security incidents immediately.

#### 5. *Risk Management*

5.1 *Risk Assessment*:

- Regular risk assessments will be conducted to identify and evaluate potential cybersecurity threats.

- Risk mitigation strategies will be implemented based on the assessment findings.

5.2 *Risk Monitoring*:

- Continuous monitoring of systems and networks will be performed to detect and respond to security incidents.

#### 6. *Access Control*

6.1 *User Access Management*:

- Access to information systems will be granted on a need-to-know basis.

- Strong authentication methods, such as multi-factor authentication (MFA), will be used to verify user identities.

6.2 *Privileged Access Management*:

- Privileged accounts will be closely monitored and restricted to authorized personnel only.

- Periodic reviews of access rights will be conducted to ensure compliance.

#### 7. *Data Protection*

7.1 *Data Encryption*:

- Sensitive data will be encrypted both in transit and at rest using industry-standard encryption protocols.

- Encryption keys will be managed securely to prevent unauthorized access.

7.2 *Data Backup and Recovery*:

- Regular backups of critical data will be performed and stored securely.

- Data recovery procedures will be tested periodically to ensure business continuity.

#### 8. *Incident Response*

8.1 *Incident Detection and Reporting*:

- Security incidents will be detected and reported promptly through established channels.

- An incident response team

 01/04/2024

To contact us / admin@fxeet.com