INFORMATION SECURITY POLICY
The Policy of the Company is on a continuing basis to exercise due care and due diligence to protect Information Systems from unauthorised access, use, disclosure, destruction, modification, disruption or distribution.
This will ensure that our reputation with our clients is maintained through confidentiality, integrity and availability.
Management will ensure business, legal, regulatory requirements and contractual security obligations are taken into account.
Risk Assessments against agreed criteria is continually undertaken.
The Management Team bears the responsibility for establishing and maintaining the system and undertakes to ensure its integrity is maintained through instruction and training of its personnel and that each employee has a proper understanding of what is required of them.
Equally every employee has a personal responsibility to maintain this integrity.
Further the Management will ensure any subcontractor employed for a particular function will meet the requirements specified and accept responsibility for their actions.
The Organisation has a Policy of Continuous Improvement and Objective setting in line with the ISO 27001:2013 Standard.
The Information Security Management System will be monitored regularly under the Top Management’s ultimate responsibility with regular reporting of the status and effectiveness at all levels.
The continuing Policy of Exasoft Group is to provide a high quality, professional and efficient service to ensure the satisfaction of all of the requirements of our clients. This achievement will result in securing efficiency, a strong customer focus and enhancement of long-term sustainability and profitability within the Organisation.
The Management Team will show leadership and commitment, and bear the responsibility for establishing, implementing, integrating and maintaining the Quality Management System.
We undertake to ensure sufficient resources are made available within the Organisation to achieve this. We undertake to ensure through communication, engagement, practical example and training that Quality is the aim of all members of the Organisation.
Through direction and support, each employee will have a proper understanding of the importance of the Quality System function, their responsibility to contribute to its effectiveness, and its direct relevance to the success of the Organisation.
Equally, every employee is responsible for, and will be trained to perform the duties required by his or her specific role.
The Organisation has a Policy of promoting continual improvement and setting of Quality Objectives in line with the framework laid down within ISO 9001:2015 Standard. These objectives will address the risks and opportunities within the Organisation as determined by Top Management.
We hereby certify that this Quality Manual accurately describes the Quality System in use within the Organisation to meet the requirements of ISO 9001:2015.
The Quality System will be monitored, measured, evaluated and enhanced regularly under the Top Management’s ultimate responsibility, with regular reporting and communication of the status and effectiveness at all levels.