The Information Security Policy of the Company is –
• To establish and maintain an Information Security Management System which satisfies the requirements of ISO 27001:2013, and any other Client specific quality requirements.
• To consistently provide information security in a manner which will satisfy Client requirements in all respects.
• To implement appropriate actions to address any risks and opportunities associated with internal / external issues, and to meet the needs and expectations of interested parties.
• To ensure all Company personnel are fully competent to conduct their assigned task.
• To strive to continually improve our services provided to Clients, through the use of this Information Security Policy, objectives, performance evaluation including audit results, corrective actions and at Management Review.
• To establish annual Information Security objectives at strategic and operational levels within the Company, which will be measured and reported upon at the management review meeting.• To maintain documented information as objective evidence to demonstrate compliance with the Information Security Management System
• To control & continually monitor all projects undertaken.
• To comply as a minimum with all applicable statutory and regulatory requirements.
• To review the Information Security Management System at planned intervals to ensure it is effective and achieving the stated quality policy.
• This IMS Policy Manual is further supported with additional policies and Statement of Applicability
The Managing Director is fully committed to the above and actively encourage a similar commitment by personnel at all levels of the Company.
This Information Security Policy is evaluated as part of the overall review of the Information Security Management System to ensure its stated objectives are met.