Information Security policy

Summary of information security policy

 

“Information Security is everybody’s responsibility”

BITS recognises that our information assets are key resources upon which we depend to provide services to our customers and to continue to be a successful organisation. We are committed to protecting the security of information assets and where needed, those of our clients. In support of this we will take all reasonable and appropriate measures to ensure these assets are safeguarded from threats and vulnerabilities and have implemented an Information Security Management System (“ISMS”) which meets the criteria laid out in BS EN ISO/IEC 27001: 2017.

 

This policy allows BITS to:

  • Protect the confidentiality, integrity and availability of information assets
  • Maintain and develop our competitive advantage – our customers have a choice of which IT support company to use, therefore our information about those customers and services they receive from us has a value like any other asset and must be protected
  • Be legally and contractually compliant with regard to the Data Protection Act, customer contractual requirements and any other applicable legislation
  • Continuously improve our information security arrangements
  • Counter security threats and vulnerabilities – some of these threats can be negated by the use of technology, but a large amount can be countered by good management practice and well-informed and trained staff.