January 2014

SM

AR

TE

CH

2/13

Introduction, 3

Our Vision, 3

Our Mission, 3

Our People, 4

Service Delivery Focus, 4

Customer Focus, 4

QA/QC Policy, 5

Continuous Improvement Approach (CIA), 5

Corporate Services, 6

Information Security Management System (ISMS) Policy, 7

Security, 7

People, 8

Process, 8

Technology, 8

Problem Escalation Management, 9

List of Clients, 9

Partners, 10

Contact, 10

Brief Profile of Executive Directors, 11

SM

AR

TE

CH

3/13

SMARTECH INFORMATION SECURITY LTD – RC

1000433 is a private limited liability company founded

and incorporated under the Nigerian Company &

Allied Matters Act to carry on business in the areas of Computer & Network Security,

Networking & Web Services, Information Security Risk & Business Continuity

Management, Information Security Standards Evaluations & Compliance, Computer

Forensics (cybercrime investigations & audit), Smart Cards & Identity Management,

Cybercrime Detection & Prevention, Public Key Infrastructure and Management,

Automatic Identification & Loss Prevention Systems, Document Management, and

End-to-End Real Time Visibility & Radio Frequency Identification (RFID) Systems.

SMARTECH provides proactive and modern ICT & Information Security solutions to

emerging challenges in business processes, e-transactions and e-governance from

system design through system integration to a complete enterprise solution. Today,

rapidly growing challenges are resulting in the need for proactive actions both in

institutional processes and technology. We are being stimulated by these dynamics

and the myriads of available technological solutions to offer these specialised

services in the provision of efficient and secure mechanisms for protecting

organisational assets, organisational processes and products, while optimising

enterprise and institutional goals.

Our business philosophy and passion is to be on top of current 21st century

technologies and new innovations as they are being rolled out and to incorporate

these trends in our products/services to drive client’s management decisions that

will improve their enterprise processes and institutional governance.

Given that optimisation and automation needs in business processes and

governance are becoming more vital than ever, embracing the newest technologies

shall be the cornerstone of our quality, innovative and forward-looking service

delivery.

SM

AR

TE

CH

4/13

People at all levels in Smartech are the essence of the company’s existence. We

have motivated, committed and involved personnel that are always eager to

participate in and contribute to continual improvement in our service delivery.

Our services and solutions are driven by our personnel who are experts and

experienced professionals and well versed in contemporary technologies that will

define, develop and deliver the appropriate solutions to address client’s enterprise

and governance mission critical needs and challenges. We equally have robust

technical supports from our partners who are OEM and reputable software

developers around the globe. We collaborate with our partners to mutually provide

business development and consulting services to support teaming opportunities.

In today’s business and governance landscape, it is a never ending struggle –

organisational information security management is becoming more critical as

enterprises are constantly looking for ways to optimise business goals and minimise

cost. Thus, with today’s threat landscape in constant flux, remaining a step ahead is

the tonic required for effective policing of enterprise assets, B2B e-transactions, and

optimisation of business objectives. As a client, you come to realize that this is the

ultimate attribute you expect from us!

At SMARTECH, our deliverable target is to provide fast, reliable and competitive

services to our esteemed clients in full adherence to contract obligations, and

industry practice and standards. Thus, honouring every pledge we make, no matter

how little, remains the very foundation for the service quality we promise our clients.

Our approaches to client service include:

Striving to provide value as defined by the client.

Provide customer-driven services.

Emphasize relationships through efficient customer relationship

management.

At Smartech, we engage our clients to understand their current and future needs in

order to meet their project requirements and strive to exceed their expectations.

SM

AR

TE

CH

5/13

Our customer relationship management is based on:

Ensuring that project objectives of clients are linked to client’s needs and

expectations.

Systematically manage client’s relationships with adequate feedback

mechanism.

Ensuring a balanced approach between satisfying clients and other interested

parties (such as owners, employees, local communities and society in

general).

The implementation of quality assurance and quality control (QA/QC) procedures is

an integral part in the execution of any project in Smartech. As described in ISO

9001 Quality Management Systems, it is our policy to ensure that clients get

consistent, good quality products and services at all times.

Continuous improvement of Smartech’s overall performance is a permanent

objective of the company. Our Continuous Improvement Approach (CIA) is an

ongoing effort to improve our products, services and processes to provide

excellence and added value for our esteemed clients. In Smartech, it is our belief

that continuous improvement isn’t one particular system or specific way of

performing a task, it is a mindset, based on the conviction that there is always a

superior way of doing things and therefore a journey that never ends.

Our 3 step model approach to continuous improvement includes:

1. Look before you leap

2. Idea generation

3. Review, refine and test out

SM

AR

TE

CH

6/13

Smartech provide global C4ISR portfolio of products/services which include

Command, Control, Communication, Computers, Intelligence, Surveillance and

Reconnaissance as summarised below:

End-to-End Visibility & Radio Frequency Identification (RFID) Systems

Real-Time Inventory Management & Asset Visibility & Tracking

Petroleum Pipeline Intrusion Detection & Monitoring

File/Document Tracking/Management

Weapons & Armoury Management

SmartFleet – Vehicle Intelligent Solution

Retail Security & Loss Prevention

Library Automation & Security System

RFID in Health Care

Smart Card and Identity Management Solutions

Automated Toll Gate & Electronic Ticketing for Mass Transportation

System

Employee/Staff ID & Student ID With e-Wallet

Drivers Licence & Third-Party Motor Vehicle Insurance Certificate

Public Key Infrastructure (PKI) Systems

Provision of Symmetric Keys for data Encryption & Decryption

Provision of Digital Signatures

PKI Design, Implementation and Management

Information Security Risk Management & Networking

Information Security Risk Assessment

Business Continuity Management

Information Security System Audit and Digital Forensics

Networks Design, Implementation, Operation & Security

ERP Development and Integration

Smart/Intelligent Electronic Security

Smart IP Surveillance

LTA Reconnaissance Systems

Aerostat systems

SM

AR

TE

CH

7/13

In this age of knowledge economy and information society, information in all its

forms has become, more than ever before, the currency of everyday interactions,

debate, enlightenment, education, commerce, controversy and concern. Where

information is held by Institutions or businesses, our employees are expected to

ensure that they have proper regard to its Confidentiality, Integrity, and Availability

of its data and information systems.

The aim of this policy is to ensure that employees of Smartech all understand the

importance of Information Security Management as it relates to project’s

information they gather, process and store and the legal and ethical responsibilities

that are incumbent on them both as individuals and as members of staff.

Smartech is specifically committed to preserving the confidentiality, integrity and

availability of documentation and data supplied by, generated by and held on behalf

of client or third parties pursuant to the carrying out of work agreed by contract in

accordance with the requirements of ISO 27001: 2005 “Information technology –

security techniques – information security management systems (ISMS) –

requirements”.

These commitments are made in the recognition that adherence to these principles

is consistent with the mission and values of Smartech and critical to its core

business; strategic plans; and legal, regulatory and contractual requirements.

Our ISMS policy guideline is given below:

1. SECURITY

Keeping information secure is paramount to what we do and we take extensive care

towards protecting information assets. Our processes, procedures and infrastructure

are designed to meet these requirements.

This can be expressed as a Security Matrix as depicted below.

SM

AR

TE

CH

8/13

2. PEOPLE

People are the most crucial aspect to be considered in implementing any security

measures. They can either make or break the system. We carry out stringent

background checks before employing any staff. We ensure that the team is

adequately trained and are completely aware and sensitive to the confidential

nature of the data and information they handle and the consequences of

irresponsible handling of this information.

All the employees are bound by confidentiality agreements as part of the project

execution process. Besides this if required, we can also sign an additional

confidentiality agreement for the specific project that they will be working on.

3. PROCESS

We have clearly defined processes that ensure that the information is handled

responsibly. Information is shared only on a “need to know” basis and no one other

than the people directly involved in the project have access to the information of the

project.

The following processes are implemented.

Logical Access Control

Password Security and Controls

Network and Telecommunication Security

Electronic Mail Security

Backup and Recovery Process

Operating system security

Internet Access & Security

Firewall Security

Virus Protection

Acceptable Usage Policy

Incident Response and Management (Mandatory Procedure)

4. TECHNOLOGY

Besides the people and the process, we have in place the systems required to ensure

that data and physical security are adequately addressed. Entry into the premises

and the various project areas is restricted and access control devices and monitoring

systems are in place to prevent and detect unauthorized access.

The systems used during the execution of any project do not have any external

drives and hence no data can be copied onto external storage media. The print

permissions are restricted and carefully monitored to prevent misuse.

SM

AR

TE

CH

9/13

Audit trails of all system activities are maintained.

What this means for our Clients:

Assurance that customer data is safe

IT Infrastructure is protected against hacking

Software systems are tested for security issues

Heightened sense of security awareness among employees

In Smartech, the Customer is the King – thus we are very critical in any event that

would negatively impact the service fulfilment to the customer or where the

customer is not satisfied.

Computing platforms, networks, desktops, peripherals, and associated facilities are

critical components in daily business processes. These systems, applications, and

environment that connect users to these, are subject to events causing service

interruptions, degradation and unavailability. The purpose of our Problem

Escalation Procedure is therefore to provide a repeatable, structured, consistent,

and measurable process to ensure that client’s service interruptions receive the

appropriate level of attention and focus for problem resolution.

The procedure defines and describes the roles, responsibilities, and activities to

follow when escalating problems within Smartech, and the minimum information

needed to communicate system problem status. The goal of this Problem

Escalation procedure is to establish a clear set of events, actions, and results that

promote the successful resolution of anticipated or reported problems by clients,

while minimizing negative impacts and maximizing resource availability.

Lee Engineering & Const. Co. Ltd

SM

AR

TE

CH

10/13

2, Dambata Close, Area 7

P.O. Box 17443

Garki 900246

Abuja, FCT

Nigeria

Tel: +234 (0) 818 677 8805

email: info@smartechinfosec.com

website: http://www.smartechinfosec.com

SM

AR

TE

CH

11/13

NAME: Emmanuel Obaro OHWADUA

POSITION: Managing Partner

Mobile: 0817 039 2222

email: eohwadua@smartechinfosec.com

PERSONAL PROFILE

Emmanuel Obaro Ohwadua has multi-disciplined educational background that cut

across the Mathematical Sciences, ICT, Management and Engineering. He is an

Information Security System Architect with specialisation in Identity Management

technologies, Cyber Security and Cryptography; an author; and a management

consultant with a knack for business process re-engineering/optimization and

project management.

Ohwadua has a work history of over 16 years in the Netherlands, United Kingdom

and Nigeria. Areas of his work experience include Educational, Engineering, Oil &

Gas, ICT, GSM, and Information Security.

EDUCATIONAL QUALIFICATIONS

DATE COURSE/DEGREE INSTITUTION

2008-2009 MSc Information Security University of London, UK

2007-2008 MSc Mathematics University of Lagos, Nigeria

2003-2005 Master of Process

Engineering (MPE) University of Lagos, Nigeria

2000-2002 Master of Business

Administration (MBA) University of Ado-Ekiti, Nig.

1996-1997 Postgraduate Diploma

in Computer Science (PGDC) University of Abuja, Nigeria

1991-1995 BSc (Hons) Mathematics (2:1) Ambrose Ali University, Nig.

MEMBERSHIP: Information Security Group (ISG), London, UK.

SM

AR

TE

CH

12/13

NAME: Ifeanyi Gilbert OSSAI

POSITION: Senior Partner

Mobile: 0818 677 8805

email: gossai@smartechinfosec.com

PERSONAL PROFILE

Ifeanyi Ossai has over 25 years experience in Engineering, Security and

Management. His educational background spans through Engineering, Business and

Security. He has masters degrees in Engineering (M. Engr.), Business administration

(MBA) and Information Security (MSc InfoSec).

He has worked in the United Kingdom and Nigeria with specialization in Risk

Management, PKI Management, Information Systems, Identity Management, Cyber

Security, Business Continuity & Recovery Planning, Compliance, Project

Management, Physical Security and Business Development.

EDUCATIONAL QUALIFICATIONS

DATE COURSE/DEGREE INSTITUTION

2008-2009 MSc Information Security University of London, UK

1989-1991 Master’s in Business

Administration (MBA) University of Benin, Nigeria

1986-1988 Master’s in Engineering (M. Engr) University of Nigeria,

Structural Nsukka, Nigeria

1979-1985 Bachelor’s of Engineering (B. Engr)

(Civil) University of Benin, Nigeria

MEMBERSHIP: Information Security Group (ISG), London, UK.

Information System Security Association (ISSA)

ASIS International

SM

AR

TE

CH

13/13

NAME: GUMWOS Ayuba Daniel

POSITION: Partner

Mobile: 0809 386 7368

email: agumwos@smartechinfosec.com

PERSONAL PROFILE

Gumwos, Ayuba Daniel has over 19 years experience in Electronics and Software

Engineering. His educational background spans through Engineering, Business and

Management Information System (MIS). He has Bachelor of Engineering in

Electronics and Software Engineering (BEng), PGD in Computer Science, HND in

Physics/Electronics and NCE in Physics/Mathematics.

He has worked in the United Kingdom and Nigeria with specialization in Chip design

using High Speed NP-CMOS (zipper-Logic), Information Systems design and

assembly, Data Recovery Planning, Project Management and Business

Development. Earlier years of his working career was in the Banking Industry as MIS

Officer.

EDUCATIONAL QUALIFICATIONS

DATE COURSE/DEGREE INSTITUTION

2012 BEng (Elec./Software Engineering) Loughborough University,

UK

2001 PGD (Computer Science) University of Abuja, Nigeria

1995 HND (Physics/Electronics) University of Jos, Nigeria

MEMBERSHIP: Institute of Engineering Technology (IET)