A responsive image
Information Security Management System (ISMS)


Ban Vien Corporation is a Trusted Technology Partner in Software Development & Embedded System development. As a reputable technology corporation, we recognize that it is critical for our sustainable business growth to implement the Information Security Management System (ISMS) that is designed to ensure adequate and appropriate security controls that maintain Confidentiality, Integrity and Availability of information assets. To address it, we have established the ISMS Policy that includes our basic policy on information security and are committed to making company-wide efforts to avoid any information security risks that may impact our business.

A responsive image



The ISMS is designed to ensure adequate and appropriate security controls customized to the needs of Ban Vien Corporation. This policy specifies the requirements for establishing, implementing, monitoring, reviewing, maintaining, and improving documented ISMS within the context of the overall Business requirements.



The Scope of the ISMS covers all Ban Vien business activities and applies to all assets for the entire Ban Vien, which includes all active Ban Vien offices below:

  • Headquarters: Ban Vien Tower, 54-56-58 Street no.2, Van Phuc Residences, Hiep Binh Phuoc Ward, Thu Duc City, Ho Chi Minh City, Vietnam.

  • Tan Thuan Office: Floor 1, KOTITI Building, Road No19C, E-Office Park, Tan Thuan Export Processing Zone, Tan Thuan Dong Ward, District 7, Ho Chi Minh City, Vietnam.

  • Danang Branch Office: Floor 7, ACB Building, No 218, Bach Dang Street, Phuoc Ninh Ward, Hai Chau District, Danang City, Vietnam.

  • Danang Branch Office: Floor 3, Thanh Loi Building, No 3, Le Dinh Ly Street, Vinh Trung Ward, Thanh Khe District, Danang City, Vietnam.

  • Hue Branch Office: Floor 8, HCC Building, No 28, Ly Thuong Kiet Street, Vinh Ninh Ward, Hue City, Vietnam.


Information security initiatives

3.1 ISO/IEC 27001:2013 Certification

BAN VIEN is committed to protecting its business from any information security risks. As part of this effort, we acquired ISO/IEC 27001:2013 certification for ISMS in December 2022. Having obtained this certification, we will endeavor to enhance our information security measures further, maintain, or augment our information security management, and earn additional trust from our customers.

Organization Registered
Scope Of Registration
Information Security Management System Relating to the Provision of Software Development and Software Outsourcing Services
Applicable Standard
ISO/IEC 27001:2013
Certification Registration Number
IS 781404
Date Of Registration
Certificated By
A responsive image
A responsive image
A responsive image

3.2 Risk analysis and risk assessment

We detect, manage, and assess the information assets for threats and vulnerabilities. Based on the asset worth, threat, and vulnerabilities, the risk to them will be assessed. The implementation of sufficient controls is required when the risk value is high.

3.3 Enhancement of information security

We will develop and implement an ISMS to ensure adequate and appropriate security controls that uphold the confidentiality, integrity, and availability of information assets to stop information related to customers, vendors, management, etc., from being leaked, destroyed, or used illegally. Additionally, we offer all employees the necessary instruction and training to uphold and enhance the efficacy of the ISMS.

3.4 Business Continuity Management

We shall establish a contingency plan to secure business continuity, assuming a loss of critical premises caused by fire or lockdown due to Corona virus pandemic, network-related issues, or a large-scale infection disease, etc.

3.5 Evaluation and review of information security measures

We shall review the management and effectiveness of the ISMS on a regular basis for further improvement while making efforts to identify any incidents.