Information Security Management System Policy

It is the policy of Signals Ltd. to maintain an information management system designed to meet the requirements of ISO 27001:2013 in pursuit of its primary objectives, the purpose and the context of the organisation.

Within the scope outlined below, it is the policy of Signals Ltd. to: 

  • Protect the confidentiality, integrity and availability (CIA) of information 

  • Safeguard systems against cyber threats 

  • Manage information security risks through a structured, risk-based approach 

  • Promote a culture of security awareness and accountability and ensure that all employees are made aware of their individual obligations in respect of information security. 

  • Comply with all legal requirements, codes of practice applicable to our activities 

  • Provide the resources, equipment, training, competent staff and any other requirements to enable the company to meet its objectives 

  • Maintain an information security management system (ISMS) that will achieve the company’s information security objectives and seek continual improvement in its effectiveness and performance. 

This Information Security Policy and Business Management System, provides a framework for setting, monitoring, reviewing and achieving the company’s objectives and targets. 

To ensure the company maintains its awareness for continuous improvement, the business management system is regularly reviewed by Senior Management to ensure it remains appropriate and suitable for the company’s needs. The Business Management System is subject to both internal and external annual audits. 

Scope of the Policy

The scope of this policy encompasses both the technical and non-technical operations of the company. This will include: 

  • All employees, contractors and suppliers 

  • All information assets, including data, systems, applications, and networks 

  • All physical locations and remote working environments 

  • All business processes and supporting technologies 

Home
Home