• Use electronic systems primarily for legitimate business purposes aligned with organisational objectives; • Ensure communications are accurate, professional, and in line with quality standards; • Protect confidential, sensitive, and personal data in accordance with data protection legislation; • Follow the organisation’s IT security procedures, including password policies, access controls, and encryption. Users must not : • Use systems for unlawful or unethical purposes; • Install unauthorised software or connect unauthorised devices; • Circumvent security controls or monitoring systems; • Transmit material that is offensive, discriminatory, or harmful to the organisation’s reputation. 5. Email and Messaging • Business emails must be sent using approved company accounts and include accurate, clear, and professional communication. • Confidential or sensitive information must be sent only through approved secure channels. • Users must be vigilant against phishing, malware, and other cyber threats. 6. Internet and Social Media Use • Internet access is primarily for business-related activities supporting the QMS. • Social media use must not compromise quality standards, breach confidentiality, or damage the organisation’s reputation. • Accessing websites or services that pose security, legal, or reputational risks is prohibited. The organisation reserves the right to monitor system usage to ensure compliance with this policy and to support continuous improvement of business processes. • Monitoring will be proportionate, lawful, and in line with UK data protection requirements. 7. Monitoring and Compliance •
Page 22
Document Issue 01 30/09/2025
Draft: In Trial
Not Controlled if printed
ISO 9001 / ISO 14001 / ISO 45001/PAS99: 2012
Made with FlippingBook Digital Publishing Software