Information Security Policy Document
July 2023
This policy statement outlines the CEO’s endorsement and intent for Information Security Management (ISM) within B2WISE. Its purpose is to communicate our ISM expectations to our stakeholders, including those delivering services on our behalf or working on our premises.
Some aspects of our operations, including handling personal data and having privileged access to locations, present precise information security requirements. However, we are expected to treat all our client and internal hard copy and electronic information securely throughout all our processes.
Our overall ISM objective is to protect the organization from incidents that might hurt the people we work with, our business operations, and our professional standing. Information Security issues can include:
- Confidentiality – people obtaining or disclosing information inappropriately
- Integrity – information being altered or erroneously validated, whether deliberate or accidental
- Availability – information not being accessible when it is required
- Privacy – people obtaining or disclosing Personally Identifiable Information (PII).
Many types of incidents can threaten our effective use of information. This includes performance, consistency, reliability, accuracy, and timeliness. More detailed ISM objectives and monitoring will be defined separately from this policy within a stand-alone document or a management review.
Our information security management system will assess and manage ISM risk. We shall also understand and comply with any applicable ISM or related legal/regulatory requirements.
This statement has been prepared to demonstrate a commitment to continual improvement within our Information Security Management. This message shall be communicated and understood throughout B2wise, and all persons performing work on our behalf are expected to share this commitment to these values.
This Policy Statement shall be made available to the public upon request. All employees, temporary staff, contractors, and visitors who enter our worksites shall communicate and adhere to it.
This policy has been approved & authorized by:
Name: |
Kevin Boake |
Position: |
Group CEO |
Date: |
15th July 2023 |