Information Security Policy
29th January 2019
Systal recognises that information is an important business asset and treats all aspects of information security with the utmost seriousness. We are committed to ensuring that all information is safeguarded from loss, unauthorised access or misuse whether that information is owned by us or our clients. Using the methodology of ISO 27001:2013, we have established procedures to protect against such instances. The purpose of this Policy is to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental. The Senior Management Team has approved this Policy which applies to all of Systal’s staff, sub-contractors and site visitors.
We are specialists in the provisioning of optimum data availability and data integrity in a robust secure environment to the delivery of enterprise class wireless networking solutions.
From our Network Operation Centre, we provide our Customers a first class Managed Service Solution from Networks. In addition, our Services include : Managed Network Operations, Network Solutions, Enterprise Network Services, Unified Comms, Professional Services, Hardware and Infrastructure Services and Project Services.
Our services are coordinated from and carried out at our Glasgow Head Office and warehousing facilities for commercial clients in the UK, EU and worldwide.
All managers are directly responsible for implementing the Policy within their business areas, including developing and communicating relevant procedures that will eliminate potential, security breaches and/or non-compliance with this Policy. Our ongoing strategic aims and objectives are to achieve sustainable growth, ensure the continuing high quality service levels we provide and ensure we are listening to our customers and providing them with solutions that meet their developing needs. Our management system goals, set annually, focus on improving specific areas within the business to improve efficiency and minimise risks wherever practical.
Our objectives, and their progress, are communicated throughout Systal periodically.
IT IS OUR POLICY TO ENSURE THAT:
Information will be protected against unauthorised access
- Confidentiality of information is assured
- Integrity of information is maintained
- Business Continuity plans will be produced, maintained and tested
- Information security training will be provided to all personnel
- Security statements will be issued and signed by all personnel
- Risks posed to the organisation will be discussed, understood, and controlled
- All information security incidents (breaches, threats, weaknesses or malfunctions) will be reported to the Compliance Team and investigated through the appropriate management channel
- Regulatory, contractual and legal requirements will be complied with
- Information assets will be classified and protected as required
- Physical, logical, environmental and communications security will be maintained
- Operational procedures and responsibilities will be maintained
It is the responsibility of each employee to adhere to the policy and report any suspected breaches to senior Management for appropriate action.
We are fully committed to complying with ISO 27001:2013 as well as all statutory legislation applicable to our activities and we shall periodically evaluate our compliance and report it through the Management Review process. We will ensure the implementation and continuous improvement of our management system. Our Information Security Policy is communicated to all personnel employed within the Company and made available to any interested party to ensure all requirements are understood, implemented and met. Our Information Security Policy and Objectives are reviewed, and reported at least annually, by Management during our Management Review Process.
Systal Managing Director