Information Security Management System Policy

At KUDO Accounting, we uphold a policy to protect information in all forms—written, spoken, digitally recorded, or printed—from unauthorized modification, destruction, or disclosure, whether accidental or intentional, throughout its entire lifecycle. This commitment aligns with the international standard ISO/IEC 27001:2013. To ensure comprehensive protection, we implement appropriate security measures for equipment and software involved in processing, storing, and transmitting information.

Additionally, our information security risk management practices adhere to the guidelines set forth in the ISO/IEC 27005:2018 standard. By following these internationally recognized methodologies, we prioritize the confidentiality, integrity, and availability of our valuable information assets.

Specifically, the Information Security Management System (ISMS) at KUDO Accounting is based on the requirements of ISO/IEC 27001:2013 and is integrated with our Quality Management System, which adheres to ISO 9001:2015.

The objective of KUDO Accounting is to evaluate and demonstrate our commitment to maintaining the confidentiality, integrity, and availability of information across our professional services, accounting, financial advisory, and consultancy activities, as well as in the exchange of information both internally and with external parties. This is achieved through a robust business continuity and traceability process that addresses cybersecurity and privacy concerns.

All policies and procedures must be documented and made available to those responsible for their implementation and compliance. All activities identified in the policies and procedures must also be documented. Any documentation, whether in electronic form or otherwise, must be retained for a minimum of six (6) years after its initial creation or following any amendments to the policies and procedures. Documentation must be periodically reviewed to ensure suitability, with the review schedule determined by the ISO Team at KUDO Accounting.

Each department and/or unit will formulate additional policies, standards, and procedures to explain the application of this policy and the set standards. These guidelines will also address any specific functionalities related to the information systems of each department. It is essential that all departmental policies comply with this overarching policy. For any systems introduced after the effective date of these policies, compliance with this policy’s provisions is expected to the extent possible. Existing systems are also expected to achieve compliance as soon as feasible and practicable.

Scope

The scope of information security includes protecting the confidentiality, integrity, and availability of all information processed and stored by KUDO Accounting. The methodology for managing information security as outlined in this policy applies to all units, workers, contractors, and other stakeholders involved, as well as to all systems within KUDO Accounting.

This policy, along with all associated standards, applies to all protected information and other classes of protected information in any form, as defined in the approved Information Classification Matrix at KUDO Accounting. The ISMS at KUDO Accounting is based on the requirements of ISO/IEC 27001:2013 and is integrated with the Quality Management System based on ISO 9001:2015.

The Organization’s Policy Aims to:

  • Ensure that manuals, policies, procedures, guidelines, and plans are clear and concise, reflecting the commitments KUDO Accounting has made;
  • Monitor and analyze performance metrics and make necessary adjustments, as needed, in relation to Information Classification, Incident Management, Risk Management, Business Continuity, Cybersecurity, Privacy, and/or any related topics;
  • Educate all employees on information security, cybersecurity, and privacy;
  • Ensure effective internal and external communication;
  • Foster a team-oriented approach to problem-solving and preventive actions by empowering all employees to be quality ambassadors;
  • Implement and monitor the organization’s ISMS in the daily culture and practices of KUDO Accounting, as part of our long-term commitment to quality and the protection of CIA (Confidentiality, Integrity, Availability) information;
  • Ensure that senior management regularly meets with the ISMS Team representative to review and ensure the effectiveness of the Information Security Management System;
  • Adopt best practices in information security and data protection to safeguard the confidentiality, integrity, and availability of all processed information;
  • Ensure compliance with applicable local and international legal and regulatory requirements, continually improving ISMS performance as needed;
  • Continuously improve the security and business continuity plan, aiming to enhance ISMS effectiveness and meet ongoing information continuity requirements.

Management Responsibilities:

The management of KUDO Accounting is responsible for ensuring that the Information Security Management System Policy:

  • Is appropriate for the organization’s purpose;
  • Includes a continuous commitment to improve the effectiveness of the Integrated Management System, ensuring compliance with laws, regulations, administrative guidelines, and applicable standards;
  • Establishes a framework for setting and reviewing Information Security Management System objectives;
  • Is regularly communicated within management and understood across the organization; and
  • Is periodically reviewed to ensure continued suitability.

The ISO Team is responsible for ensuring that the Information Security Management System Policy is reviewed as part of the Management Review Process.

Terms and Conditions

1. Introduction

Welcome to KUDO’s Training, Conference and Bootcamp program. By registering for our training or bootcamp, you agree to abide by the following Terms & Conditions, which set forth the rules and guidelines for participation. Please read these Terms & Conditions carefully before enrolling. If you do not agree with any part of these terms, please refrain from registering.

2. Eligibility
  1. To enroll in our training and bootcamp, you must be at least 18 years old.
  2. You must possess basic proficiency in English, both written and spoken.
  3. Candidates must meet any additional prerequisites outlined in the specific course descriptions.
3. Registration and Payment
  1. Registration for KUDO training, conference and bootcamp is completed through our official website or authorized registration platforms.
  2. Full payment of the course fee must be made prior to the start date, unless otherwise agreed upon in writing by KUDO.
  3. Payment is accepted via bank transfer, credit card, or other methods specified on the registration page.
  4. A candidate’s registration is confirmed only upon receipt of payment and acknowledgment by KUDO.
4. Cancellation and Refund Policy
  1. KUDO does not offer refunds for cancellations or non-attendance for any training or bootcamp sessions.
  2. If a participant notifies KUDO of their inability to attend at least 14 days before the start date of the training, conference or bootcamp, the full registration fee can be credited toward any upcoming KUDO programs within the next 12 months.
  3. Cancellations made less than 14 days before the start of the training or bootcamp, as well as non-attendance without prior notification, will result in the loss of the registration fee. However, candidates may transfer their registration to another individual if they are unable to attend. No credits will be permitted in these cases.
  4. KUDO reserves the right to cancel or reschedule training, conference and bootcamp sessions. In such cases, participants will receive a full credit to use for future KUDO programs. No monetary refunds will be issued.
  5. By registering for the training or bootcamp, participants acknowledge and accept this cancellation and refund policy.
5. Attendance and Certification
  1. Candidates are required to attend at least 80% of the scheduled sessions to be eligible for certification.
  2. Certification will be issued based on successful completion of the training/conference/bootcamp, assessments, and final evaluations.
  3. KUDO reserves the right to deny certification to any candidate who fails to meet the minimum performance criteria or violates these Terms & Conditions.
6. Code of Conduct
  1. Candidates are expected to conduct themselves in a professional and respectful manner throughout the training and bootcamp.
  2. Harassment, discrimination, or disruptive behavior will not be tolerated and may result in immediate removal from the program without a refund.
  3. Any use of illegal substances, alcohol, or prohibited items during the training or bootcamp is strictly prohibited.
7. Intellectual Property
  1. All course materials, content, and resources provided by KUDO are the intellectual property of KUDO and are protected by copyright laws.
  2. Candidates may not reproduce, distribute, or share any of the course materials without prior written consent from KUDO.
  3. Access to course materials is provided solely for personal use and learning purposes.
8. Data Protection and Privacy
  1. KUDO respects the privacy of its candidates and is committed to protecting personal information.
  2. Any personal data collected during the registration process will be used solely for communication, program management, and certification purposes.
  3. By registering, you agree to allow KUDO to use your contact information to communicate updates, course information, and relevant opportunities.
9. Limitation of Liability
  1. KUDO shall not be held liable for any damages, loss, or injury resulting from participation in its training or bootcamp, except in cases of gross negligence or intentional misconduct by KUDO staff.
  2. KUDO is not responsible for any technical issues, delays, or disruptions that may affect access to online sessions or materials.
10. Amendments
  1. KUDO reserves the right to modify or amend these Terms & Conditions at any time.
11. Governing Law and Jurisdiction
  1. These Terms & Conditions are governed by and construed in accordance with the laws of the Republic of Kosovo.
  2. Any disputes arising from these Terms & Conditions shall be subject to the exclusive jurisdiction of the courts of the Republic of Kosovo.
12. Contact Information

For any questions or concerns regarding these Terms & Conditions, please contact us at:

Email: [email protected]

By proceeding with registration, you confirm that you have read, understood, and agree to comply with these Terms & Conditions.