Information Security Assurance Policy
We have implemented an Information Security Management System, complying with the requirements of ISO 27001, to ensure that we assess risks within the business and strive to prevent security incidents.
The scope of this Security Management System includes information stored on computers, transmitted across networks, printed out or written on paper, stored on portable media or spoken in conversation or over the telephone.
It is our policy to ensure that:
- All breaches of Information Security, actual or suspected, are reported and investigated.
- Confidentiality of information is assured.
- Integrity of information is maintained.
- Regulatory and legislative requirements, together with any contractual security obligations, are met.
- Information is protected against unauthorised access
- Objectives and targets are set and monitored to achieve continual improvement in our Information Security Management System.
- Information Security Training is provided, where required.
- Procedures and instructions are implemented to support this policy.
All Managers are directly responsible for implementing the policy within their business areas, and for adherence by their staff.
It is the responsibility of each employee to abide by this Information Security Policy.
Chief Executive Officer
12th April 2018