Information Security Policy
Objective
The organisation provides management direction and support for information security in accordance with business requirements and relevant laws and regulations.
Policy
The Information Security Management Policy (SDK-IS04001) is issued with the approval and support of the Managing Director (MD) and the Information Security Steering Committee (ISSC) and is maintained by the Information Security Officer. This Policy has been published and communicated to all staff on the corporate intranet and will be issued to relevant external parties.
The MD and ISSC are committed to preserving the confidentiality, integrity and availability of all assets of value to the organisation, both physical and information assets, including client assets whilst in SDK’s possession.
It is the Policy of SDK to ensure that:
- Information will be protected against unauthorised access.
- Confidentiality of information will be assured.
- Integrity of information will be maintained.
- Availability will be monitored.
- Regulatory and legislative requirements will be met.
- Business continuity plans will be produced and maintained.
- Information security training will be available to all staff.
- All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Officer.
