Information Security Policy.

Introduction

Ensuring the security of information is a critical aspect of our business operations at Toast Design Consultancy Limited. This Information Security Policy outlines the company’s approach to managing information securely and responsibly. It is designed to protect the confidentiality, integrity, and availability of the company’s information assets.

Purpose

The purpose of this policy is to establish guidelines and procedures for all employees, contractors, and third parties to follow to ensure the secure handling of information within the company.

Objectives

  • To maintain the company’s information’s confidentiality, ensure that only authorised personnel have access to it.
  • To preserve the integrity of the company’s information, preventing unauthorized modification or deletion.
  • To ensure the availability of the company’s information when needed.

Scope

This policy applies to all employees, contractors, and third parties accessing the company’s information assets. It covers both digital and physical information storage and processing.

Access Control

  • Multi-factor authentication is required for accessing sensitive company data.
  • Physical access to company premises is controlled through an ID badge system and visitor logs.

Training

All employees must undergo information security training upon onboarding and at regular intervals thereafter. The training will cover general security awareness and specific procedures related to information security risks.

Responsibility

The Chief Information Security Officer (CISO) is responsible for maintaining and updating this policy in line with the company’s risk assessment and business continuity plan.

Communication

This policy will be made available on the company intranet and hard copies will be provided to all staff. Any updates to the policy will be communicated promptly.

Reporting Breaches

Following the company’s data breach reporting procedure, employees must report any actual or potential security breaches immediately.

Review

This policy will be reviewed at least annually or whenever significant changes to the company’s information security risk profile exist.

Note that this content is © Toast Design Consultancy Limited 2022–2024. All rights resererved. Do not copy this content for your own purposes.

Menu
Top