collabco-hero

Policies

Quality Policy

We will ensure that our software products and services meet our customer’s expectations, our own high standards and comply with all relevant regulations.

Specific quality objectives will be set and reviewed through our management review process. To help achieve these, we will maintain a quality system that meets BS EN ISO 9001 – “Quality Management Systems – Requirements”.

We must strive to continually improve our performance by regularly evaluating our products and services and identifying actions to ensure that our objectives are achieved and that problems are prevented.

Information Security Policy

It is our policy to:-

  • To protect all our information assets against loss of confidentiality, integrity or availability.
  • Mitigate the risks associated with the theft, loss, misuse, damage or abuse of these assets.
  • Ensure that information users are aware of and comply with all current and relevant information security regulations and legislation.
  • Provide a safe and secure information system working environment for staff and any other authorised users.
  • Make certain that all authorised users understand and comply with this policy and supporting policies and procedures
  • Protect the organisation from liability or damage through the misuse of its information.
  • Ensure that all users understand their own responsibilities for protecting the confidentiality and integrity of the information they handle.

Specific information security objectives will be set and reviewed through our management review process. To help achieve these, we will maintain a information security system that meets BS EN ISO 27001 – “Information Security Management Systems – Requirements”.

We will assess and regularly review all information security risks through our risk assessment process and we will define the necessary controls to mitigate these risks.

We will define information security objectives and improvement actions that are related to this policy and to our information security risks. We will regularly evaluate progress against these objectives through our ‘Management Review’ process.

We will monitor access to and use of our information in order to establish the effectiveness of our information management system and to identify potential improvements.

Any staff or other authorised user that suspects there has been or is likely to be a breach of information security has a duty to immediately inform a member of management. In the event of a suspected or actual security breach, we may disable or remove any users, data or anything else necessary to secure our information systems.

This policy applies to all employees, visitors, contractors, suppliers and any other parties accessing our information. This policy relates to the use of all our information assets, to all privately owned systems when connected directly or indirectly to our information systems and to all owned and/or licensed software/data.

Any failure to comply with this policy may lead to disciplinary action, including dismissal, or prosecution. In the case of a contractor or supplier failing to comply with this policy, their contract may be cancelled and the contractor or supplier reported to relevant authorities, including the police.