iCOM Works Limited Information Security Policy

iCOM Works Ltd. provides a range of reward solutions that deliver benefit, loyalty and incentive outcomes for employees and customers. The company considers Information Security aspects as a top priority for customer confidence, legal, regulatory and contractual compliance and the protection of its reputation and brand. We therefore commit to ensuring all information is handled in a secure manner and maintaining the ISMS to meet the requirements of ISO27001:2013 and Cyber Essentials in pursuit of its primary objectives. 

iCOM Works Ltd exercises due care and due diligence on a continual basis to protect Information Systems from unauthorised access, use, disclosure, destruction, modification, disruption or distribution be it deliberate or accidental. This will ensure that our reputation with our clients and all related interested parties is maintained through confidentiality, integrity and availability.

The company objective is to ensure business continuity and minimise business damage by preventing and minimising the impact of any security incidents. In deploying the Information Security Management System (ISMS), the Management Team aim to maintain existing known risks at their current low level and ensure that new and changing risks are managed in an equally consistent and professional manner. 

Responsibilities

  • The ISMS Managers are directly responsible for maintaining the ISMS and providing advice and guidance on its implementation.

  • All Managers are directly responsible for implementing the ISMS within their business areas, and for adherence by their staff through policies and training and ensuring that all staff have a proper understanding of what is required of them.

 

  • It is the responsibility of each member of staff to adhere to the ISMS. Failure to do so may result in disciplinary action.

 

  • Additionally, Management will ensure any contractor employed for a particular function will meet the requirements specified and accept responsibility for their actions.

 

  • The overall responsibility for ensuring that the ISMS is implemented, developed and reviewed effectively rests with the Managing Director. This responsibility will be delegated throughout the management structure reflecting our continued commitment to Security at all levels throughout iCOM Works Ltd.

 

 

The company has a Policy of Continual Improvement and Objective setting in line with the ISO 27001:2013 Standard requirements.

Objectives and targets are set to meet the requirements of this policy and are reviewed regularly at management reviews. The policy will be made available to interested parties as appropriate.

The ISMS will be monitored regularly under the Management Team’s ultimate responsibility with regular reporting of the status and effectiveness at all levels.

This statement represents our general position on Information Security issues, and the policies and practices we will apply in conducting our business.

David Baker

Managing Director

3rd April 2019