Support on the Spot Ltd provide a simplistic yet secure approach to IT services, striving to maintain the highest standards in service.
Senior Managers of Support on the Spot Ltd have endorsed the adoption of an Information Security Management System (ISMS) that is designed to be compliant with ISO27001:2013. The purpose of this system is to secure sensitive information belonging to our organisation and information entrusted to us by other organisations together with the facilities used to process and access this information.
Consistent with the requirements of the above standard, we have:
- Conducted a Risk Assessment in respect of Information Security within our organisation. Where unmitigated risks have been identified, we have implemented a plan to treat them. Where residual risks remain, we accept them and will review them when appropriate.
- Identified relevant legislation, regulations and contractual requirements and reflected them in our working procedures. All employees have been advised of their responsibilities in support of securing information within the organisation.
- Allocated responsibilities for various aspects of the ISMS to suitably qualified employees and ensure that it is adequately resourced.
- Take responsibility to ensure that our trading partners discharge their responsibilities in respect of securing any sensitive information we entrust to them.
- Entered into dialogue with other outside organisations where this would assist us to manage information security. This policy document and other requirements of our ISMS has been communicated to others where appropriate.
- Incorporated processes and procedures in order to assess and review the effectiveness of the ISMS and thus continually improve it.
- Established a programme of independent review of the ISMS.
- Established and will continually review our objectives at our annual management reviews.
Compliance with the requirements of this system is a condition of employment for our staff and failures in this respect are subject to our disciplinary process. This system underpins our trading relationships with outside organisations.
This policy is reviewed regularly in the case of influencing changes to ensure it remains appropriate for the business and our ability to serve our customers.