Information Security Management Policy
Information is the currency of our time.
Recent rapid advances in technology have changed the way organisations conduct business and led to the birth of new digital economies thriving on the creation, sharing, and analysis of information. Our own company was born during this exciting period and we are ourselves reliant on data and information in order to build a brighter digital future for our clients and us. Information enables our business to thrive and we all have a vital role to play in understanding the importance of information and what we can do to ensure it is protected and kept safe like any other business asset.
Our continued business growth and further expansion is reliant on our underlying information and information systems. Information must be protected from loss, theft, damage, unauthorised disclosure or other forms of harm which could impact our ability to meet business, legal, regulatory or contractual requirements. We have decided that we can best secure our information by implementing an Information Security Management System (ISMS) certified to the International Standard ISO/IEC 27001:2013. All of our business areas are subject to information related risks and this is best managed through an integrated company-wide Information Security Practice conforming to the ISO/IEC 27001:2013 standard. The 6point6 ISMS provides a number of benefits or desired outcomes:
- Maintaining client trust and confidence in our services
- Providing assurance to employees, clients and other interested parties that the confidentiality, integrity and availability of information is maintained
- Ensuring we comply with applicable laws, regulations and contractual obligations related to information security and privacy
- Supporting our growth and expansion into new market segments
An ISO/IEC27001:2013 ISMS is an enabler and foundation for our company to achieve new certifications which could further support business development into new market segments.
Senior management will ensure that a systematic review of performance of the ISMS programme is conducted on a regular basis to ensure desired outcomes and benefits are being met and relevant issues identified through an audit programme and management review process. This ISMS Policy is a statement of that intent and is available to all employees and staff. In addition, it will be communicated to all relevant stakeholders and interested third parties where required.
We all have a part to play in our security culture. Information security is a shared responsibility throughout all who work in and for 6point6.
David Webb CEO
9th May 2019