Introduction and Purpose
At Iron Code Ltd we recognise the value inherent in information. Our ongoing success depends on the designs, code, and knowledge that power our services being correct, available and known only to us. In turn our clients depend on our services to reliably collect, store and process the information which underpins their businesses. Safeguarding the value in the information we handle is therefore a fundamental principle of our business and is core to our approach.
This document defines the high-level policy of Iron Code Ltd and its approach to the protection of the confidentiality, integrity and availability of information owned by the company and stored and processed on behalf of its customers.
Scope
This policy applies:
- all information created, stored, processed and transmitted by Iron Code Ltd in the course of its business,
- all information stored, processed and transmitted by Iron Code Ltd on behalf of its customers,
- all Directors, employees, contractors and agents of Iron Code Ltd
- all information processing systems operated by or on behalf of Iron Code Ltd.
- all information processing services offered by Iron Code Ltd.
Policy
- At Iron Code Ltd we are committed to protecting the security of information to ensure:
- information entrusted to us is kept confidential and not disclosed to anyone not authorised to receive it,
- information we store and process retains its integrity keeping it reliable and accurate,
- information is available when needed by those with a right and need to access it.
- We will comply with all applicable legislation and meet all legal requirements pertaining to the security of personal and other regulated information in the territories in which we operate.
- Where our customers have specific regulatory requirements we will develop our products and services to ensure these requirements are fulfilled.
- A risk based approach is used to identify the technical and procedural security controls and countermeasures necessary to protect information against deliberate, accidental and naturally occurring threats.
- We work with an independent information security consultancy who provide specialist security advice and support in the development of our products and the operation of our services.
- All software we produce is developed following secure coding practices to minimise the risk of any exploitable vulnerabilities.