2.1. The Company shall appoint and maintain a permanent working group responsible for ensuring implementation and oversight of information security measures to effectively execute information security protocols.