Purpose & Scope
The purpose of the Policy is to protect Hardware Group’s information from all threats, whether internal or external, deliberate or accidental. The Policy defines how the business complies with the requirements ISO/IEC 27001:2013 with regard to the provision, development, maintenance and security of its information systems.
The leadership team take the safeguarding of information security very seriously and assume full responsibility for implementing, continually improving and setting the overall objectives for maintaining Confidentiality, Integrity and Availability.
This policy will be communicated throughout the business and also to interested parties as required.
Compliance with information security regulation and legislation will be monitored.
A business continuity plan is maintained to minimise interruptions to business activities and to protect critical business information from the effects of major failures.
Information security education, awareness and training will be made available to staff.
All breaches of information security, actual or suspected, will be reported and investigated.
It is the responsibility of each member of staff to adhere to the ISMS Policy and the responsibility of managers to monitor compliance within their teams.
Investment in the security of business systems and site infrastructure will be sustained with individual assets will be registered and controlled.