2013 Registered Information Security Policy
Data security is always at the heart of everything we do at Walpole Partnership, and the ISO 27001 System has provided a structure for managing information within the company, and demonstrates our commitment to the security of our customers’ data.
The policy of the company is on a continuing basis to exercise due care and due diligence to protect information systems from unauthorised access, use, disclosure, destruction, modification, disruption or distribution.
This will ensure that our reputation with our clients is maintained through confidentiality, integrity and availability.
Management will ensure business, legal, regulatory requirements and contractual security obligations are taken into account.
Risk assessments against agreed criteria is continually undertaken.
The management team bears the responsibility for establishing and maintaining the system and undertakes to ensure its integrity is maintained through instruction and training of its personnel and that each employee has a proper understanding of what is required of them.
Equally every employee has a personal responsibility to maintain this integrity.
Further the management will ensure any subcontractor employed for a particular function will meet the requirements specified and accept responsibility for their actions.
The organisation has a policy of continuous improvement and objective setting in line with the ISO 27001:2013 Standard.
The information security management system will be monitored regularly under the top management’s ultimate responsibility with regular reporting of the status and effectiveness at all levels.
To find out more about how trust has been built in the Partnership since implementing ISO 27001, please check out this case study published by ISO QSL.
We are ISO 27001 certified and our last audit took place in 2020.