APP Wholesale Ltd Information Security Policy Statement
APP Wholesale Ltd has established an information security policy which supports the strategic aims of the business and is committed to maintaining and improving information security within the company.
Our work means that we deal with very sensitive information about our customers, and we take the security and protection of this information very seriously.
The appropriate, adequate and effective protection of our customer's information that comes into our possession through our work, is of paramount importance to us, and our Information Security Management System (ISMS) has been designed and implemented to do just that.
During our everyday business, we deal with information on behalf of our customers, some of which is highly sensitive. We therefore have a duty of care to appropriately and effectively protect this information.
Building on these principles APP Wholesales Board of Directors recognises the need to keep our customers' information safe and secure. We have therefore decided to invest in strengthening our information governance processes in accordance with the best principles of ISO 27001, the international standard for information security.
A key element of ISO 27001 is the Security Policy and Acceptable Use Policy.
These can be found on the company's IT Support Portal and form an integral part of your employment contract. In addition, the company provides training during induction and throughout your career with APP Wholesale Ltd, and reference materials can be found on the IT Support Portal.
However, it is everyone's responsibility to make themselves aware of what is required from them by the policy. APP Wholesale Ltd takes the security of information very seriously, therefore anyone found in breach of the Security Policy may face disciplinary action, which, depending on the severity of the breach, may be classed as gross misconduct. The policy covers all information, whether it is in our computer systems, on paper, an email etc.
Some key points to remember.
● Your passwords must be kept secret and not disclosed to anyone, including your line manager.
Information should not be downloaded to a USB data stick, CD, external hard drive etc, without the specific permission of the MD or IT Director.
● All documents must be saved to a location which is automatically backed up (In the case of APP Wholesale Ltd, this is your One drive).
● Any data downloaded to be taken off-site must be encrypted.
● Any customer information received by you in the course of your work is confidential and, therefore, must only be disclosed for legitimate business purposes.
APP Wholesale Ltd is committed to maintaining and continuously improving its information security management system, and all employees of APP Wholesale Ltd must read, understand and comply with all of the company's policies.