STICS is committed to protect its people, material assets and reputation from deliberate harm. This includes the protection of any confidential information against loss, unauthorized access and misuse.
STICS takes the security of confidential information very seriously and it is our policy to ensure that:
✓ All data is appropriately protected (collected, stored, communicated and disposed) and is not divulged to any third party without appropriate authorization.
✓ The premises are protected by suitable physical security and environmental controls, and where appropriate, access is restricted to authorized employees.
✓ Confidentiality, Integrity and Availability of all information is maintained; information is made accessible as per business need / requirement and is protected against unauthorized access.
✓ Access to organizational data and personnel data is appropriately controlled and access to confidential data is restricted to those who need it for a legitimate work purpose.
✓ Contractual, regulatory and legislative requirements are met.
✓ A business continuity plan is devised, tested and maintained.
✓ Information Security training is available for all employees.
✓ Risk assessment methodology selected shall ensure that risk assessments produce comparable and reproducible results.
✓ Confidential data controls and threats are subject to regular review.
✓ All employees are aware of their responsibility to adhere to the policy and ensure that all breaches of information security, actual or suspected are reported and investigated.
Management is committed to continually improve the effectiveness of the Information Security Management System conforming to the requirements of the standard.
The objective of this information security policy is to ensure business continuity and minimize business risks by preventing and minimizing the impact of security incidents. The objective of this policy is to underpin confidentiality, integrity and availability of all the information within STICS.
All employees of STICS have a part to play in the protection of the information and are expected to ensure any confidential information in our control is held securely.
Approved By:
(Managing Director)