TCS Security Policy

Tata Consultancy Services is an IT services, consulting and business solutions organization offering a consulting-led, cognitive powered, AI driven, integrated portfolio of business, technology and engineering services and solutions delivered through its unique Location Independent Agile™ delivery model. As part of its operations, TCS has access to business-sensitive information (including personal information), the protection of which is crucial to TCS and its clients’ business interests.

Our Security Vision is “To make TCS reliable, resilient and immune to the existing and evolving volatile environment of constant changes, accidents, attacks and failures.”

This Security Policy reiterates our commitment to protect all the information and assets that we own or are responsible for; thus, ensuring an efficient, safe and secure working environment for TCS and its customers.

TCS will deploy a convergent security model to ensure:

Protection of information and assets against unauthorized access by deploying adequate security controls covering physical, logical and personnel security
Compliance to legal and statutory / regulatory requirements across its global operations
Continuity of operations in line with business requirements and obligations to its stakeholders
Inclusion of security responsibilities of various departments / individuals to adhere to this Policy
Adequate security awareness and competence among associates at all levels to fulfill these responsibilities
Avenues for associates and other stakeholders to report security weaknesses, violations or disruption of services
A robust response framework to handle security weaknesses, violations or disruption of services
Governance of security performance against appropriate targets and objectives, enabling continuous improvements

This Policy will be supported by Standards, Procedures and Guidelines (Security Management System) and will be made available to all stakeholders who are expected to contribute towards the effective implementation and deployment of these security norms.

The Security Management System will be periodically reviewed to ensure its continuing applicability and relevance to our operations and evolving stakeholder expectations.

This Policy will extend to TCS globally and its wholly owned subsidiaries in all geographies, and will be applicable to all its associates, business associates and external parties having access and usage rights to its infrastructure, IT systems and/or Information resources. Consequences arising out of violations or contravention to any of the objectives of this Policy will be equally applicable to all associates of TCS and its wholly owned subsidiaries globally and external parties.