Information Security Policy

This Information Security policy was drafted to record the commitment of Connect Assist Limited, and its employees, to information security in all areas of the Company operation.
We believe that security is paramount to our business and our client’s purposes, and therefore is critical to ensuring customer services, employment for our local community, reputation and sustainability and growth for our business. The Leadership team are committed to developing and implementing measurable policies and processes, while considering the protection of the Company’s information assets from all threats and vulnerabilities, both internal and external by:

  • Taking appropriate measures to ensure the security of information assets and to maintain the levels of confidentiality, integrity and availability necessary to support the operation of the business
  • Fostering customer confidence by implementing policies and processes that comply with the requirements of ISO 27001, the International Information Security Management System standard, and Cyber Essentials Plus
  • Continually improving the ISO 27001 and Cyber Essentials Plus compliant Business Management System through the establishment and regular review of measurable security objectives at relevant functions and levels of the organisation
  • Setting realistic security objectives and targets as part of the annual business planning and budgeting process, and ensuring progress against these are reviewed as part of regular Business Management System Action Group meetings
  • Committing to comply with business and legal regulatory requirements and contractual security obligations
  • Providing systems for protection against unauthorised access and ensuring confidentiality of data
  • Developing, implementing, and testing a disaster recovery and business continuity plan
  • Ensuring compliance through the supply chain to ensure that all goods and services that we acquire reflect the same high security standards as our own
  • Creating processes to identify and review the risks, threats, vulnerabilities and the impact of breaches on protected information, relating to the Company’s information security assets
  • Communicating all relevant security policies to customers, employees and interested parties
  • Regularly reviewing the Business Management System and required resources, to ensure its continuing suitability, as part of the annual management review process

Back to our team