Document Reference: IM 06 Data Protection Policy
Security
To ensure secure, compliant and manageable Data Security and Business Continuity. The Company has undertaken an analysis of the risks presented by their processing and has used this to assess the appropriate level of security needed. The Company has put in place the following security measures: • An Information Security Policy including steps to make sure the policy is implemented • Additional policies and procedures where required. • Regular internal audits of policies and procedures • Data encryption where it is appropriate to do so • Appropriate onsite and off site encrypted back up process to ensure The Company can restore access to personal data in the event of any incidents • Regular testing and reviews of measures to ensure they remain effective, and to act on the results of those tests where they highlight areas for improvement • All computers are password protected, using a higher security password across the Company • A Business Continuity plan • IT virus scanning is scheduled on a daily basis, and updates and Firewalls are installed and are controlled by our IT company • Regular systems and server monitoring is active, with any issues or failures immediately reported to designated IT Company • Secure Virtual Private Networks (VPN) for any off site employees
Scope
Setting security levels
Security measures
Cox Management Services Ltd ISO 9001 / ISO 14001 / ISO 45001
Rev 6 01/11/2024 PAS99: 2012 Issue 1
Approved: AK
4
Made with FlippingBook Digital Publishing Software