1.1. The Company shall establish, implement in its daily operations, maintain, and continuously improve an information security management system in accordance with the laws of Mongolia and the international ISO 27001:2013 standard. This system shall be designed and operated with the purpose of ensuring the reliable and secure protection of information pertaining to users, client organizations, and shareholders; safeguarding their interests; and maintaining stable and normal business operations of the Company.