Information Security Policy
Iforium’s Management has established an Information Security Policy, which supports the strategic aims of the business and is committed to maintaining and improving information security within Iforium and minimising its exposure to risks. It is therefore Iforium’s policy  to:
- Ensure the confidentiality of all corporate, client and supplier information;
- Protect all information (however stored) against unauthorised access;
- Maintain the integrity of all information;
- Ensure the availability of information, as required;
- Provide information security training for all staff;
- Ensure that the expectations and requirements of all interested parties, in relation to Information Security, are met;
- Make information available to authorised business processes and employees when required;
- Meet all regulatory and legislative requirements;
- Produce business continuity plans for business activities that are regularly maintained and tested;
- Ensure that all breaches of information security, actual or suspected, will be reported to and investigated by Iforium security personnel and opportunities for improvement will be identified and acted upon.
- Communicate this policy statement to the public, through our website and on request.
The policy is dynamic and includes a commitment to continual improvement through a process of incident reporting, risk assessment, risk management and regular audits providing a framework for establishing and reviewing security objectives. Iforium’s Management team is responsible for communicating the company’s Information Security Policy and making sure it is understood at all levels within the business.
Approved By: P Parry
Review Date: 31/01/2020