Scope of the Policy
We believe that information security, both the principles and application, is at the heart of
the foundations of our business. Information Security policies and documents represent the
trust given to us by our clients to handle their information, which have great bearing on the
reputation of their businesses and therefore ours.
Although we make use of sophisticated technology to enforce and apply our policies, the goal to keep information secure and make improvements to effectively manage new opportunities and threats, requires the concerted effort of everyone in the business to do their part.
We require all employees and the third parties that work for us, to adhere to the ISMS
requirements and communicate them to others so we can achieve our commitments to
satisfy applicable requirements related to information security and to the continual
improvement of the ISMS. We make key documents available to interested parties so they are aware of our commitment to information security and are aware of any security obligations
they have.
We have an ISMS Steering Committee (ISMS SC) that is responsible for managing ISMS tasksand reporting on information security performance to Directors. The ISMS SC is chaired by the CEO. The other members are the CTO - who is our Information Security Manager – the Technical Director and an external consultant with a background in Information Security.
The Information Security Manager is the main contact point, with the Technical Director
acting as the deputy, for any questions about information security, and to obtain the latest
version of policies, guidelines and procedures.
Daniel Botterill
CEO
