< Legal >
Source Code Studio as part of The Green Duck Family have established an Information Security Policy, which supports the strategic aims of the company, and is committed to maintaining and improving information security, and minimising exposure to risks.
It is our policy[i] to:
Ensure the confidentiality of corporate and client information
Protect sensitive information against unauthorised access
Maintain the integrity of all information
Ensure the availability of information, as required
Provide information security training for all staff
Ensure that the expectations and requirements of all interested parties, in relation to Information Security, are met
Make information available for authorised business processes and employees when required
Meet all regulatory and legislative requirements
Produce business continuity plans for business activities that are regularly maintained and tested
Ensure that all breaches of information security, actual or suspected, will be reported to and investigated by The Green Duck Family security personnel and opportunities for improvement will be identified and acted upon
Comply with the requirements of ISO 27001[ii] for information security
Communicate this policy statement to the public, through our website and on request[iii]
[i] The policy is dynamic and includes a commitment to continual improvement through a process of incident reporting, risk assessment and regular audits.
[ii] It complements the established ISO 9001 and ISO 14001 Management Systems and provides a framework for establishing and reviewing security objectives.
[iii] The Green Duck Family Management are responsible for communicating the company’s Information Security Policy and making sure it is understood at all levels.