Information security policy
Purpose and scope
The objective of this Information Security Policy is to set the high level policies and principles for information security in Peak Signal.
This policy applies to all staff, associates and contractors. Associated with this policy is the “Acceptable Use Policy” which defines the specific responsibilities for all partners, associates and contractors with respect to information security.
This policy is supported by a number of other policy and procedure documents.
Objective
The objective, supported by this policy and the supporting policies, procedures and activities is,
“To help prevent or minimise the impact of information security incidents or breaches in order to protect our business, reputation and to safeguard our people.”
Roles and responsibilities
The Peak Signal shareholders have responsibility for this policy and for ensuring that partners, associates and contractors adhere to its contents.
Information security policies
We will analyse and understand our information security risks to help us decide what we need in place to meet our information security objective.
We will ensure that information security responsibilities are fully communicated to all partners, associates and contractors
We will understand applicable information security requirements and, in accordance with our risk assessment we will, as appropriate, implement what is necessary to meet those requirements.
We will review our policies and performance routinely in order to improve our approach to information security.
Exceptions
Any exceptions to this policy must be documented and agreed by a majority of the Shareholders.
Non compliance
Failure to comply with this policy and supporting policies and procedures may be considered a disciplinary offence.