Deeson Handbook
  • Home
  • Basics
    • Principles and values
    • Teams
    • Self-organisation
    • Personal accountability
    • Job roles
    • Tools, policies and processes
  • Project delivery
    • How we work
    • Project roles
  • Recruitment
    • Pay for new starters
    • Onboarding
  • Team member benefits
    • Pay
    • Holidays and time off
    • Wellness fund
    • Equipment budget
    • Recruitment bonus
    • Company pension
    • Unlimited training budget
    • Peer recognition scheme
    • Tax-free cycles and e-cycles
    • Charity work and volunteering
    • Paid sabbaticals
  • Personal development
    • Monthly 1 to 1
    • Professional development plan (PDP)
    • Impact scoring
  • Working at Deeson
    • Where and when we work
    • Company engagement
    • Self-scheduling
    • Escalation process
    • Mental health
    • Pay review
    • Promotion or changing roles
    • Guide to maternity, paternity and shared parental leave
    • Time recording
    • Tools, purchasing and equipment
    • Subscriptions
    • Conference attendance
    • London office
    • Canterbury office
    • Writing style guide
    • Staff privacy notice
    • Reference information
    • Guide to remote meetings
    • Remote working
    • Business continuity - Coronavirus (COVID-19)
  • Company Policies and statements
    • Equality policy
    • Social media policy
    • Sickness absence policy
    • Disciplinary policy
    • Computer usage and security policy
    • Health and safety policy
    • Environmental policy
    • Anti-bribery policy
    • Maternity, paternity and shared leave policy
    • Data protection policy
    • Data retention policy
    • Modern slavery policy
    • ISM statement (ISO27001)
    • QM statement (ISO9001)
    • Mental health policy
Powered by GitBook
On this page

Was this helpful?

  1. Company Policies and statements

ISM statement (ISO27001)

PreviousModern slavery policyNextQM statement (ISO9001)

Last updated 4 years ago

Was this helpful?

Information security management statement.

This policy statement outlines my endorsement and intent for Information Security Management (ISM) within Deeson Group Ltd.

Its purpose is to communicate our ISM expectations to all those delivering services upon our behalf or working on our premises.

Some aspects of our operations, including handling client source code and having privileged access to systems, present clear information security requirements, however it is expected that we treat all our client and internal hard copy and electronic information in a secure manner, throughout all our processes.

Our overall ISM objective is to protect the organisation from incidents that might have an adverse effect on the people we work with, our business operations and our professional standing. Information Security issues can include Confidentiality (people obtaining or disclosing information inappropriately), Integrity (information being altered or erroneously validated, whether deliberate or accidental) and Availability (information not being assessable when it is required).

Many types of incident can pose a threat to our effective use of information. This includes performance, consistency, reliability, accuracy and timeliness. More detailed ISM objectives and monitoring will be defined separately to this policy, either within a stand-alone document or within management review.

Our information security management system is based upon the requirements of the international standard BS ISO/IEC 27001:2013 and using this framework, we will assess and manage ISM risk. We shall also understand and comply with any applicable ISM or related legal/regulatory requirements.

This statement has been prepared to demonstrate my commitment to continual improvement within our Information Security Management. This message shall be communicated and understood throughout Deeson and I expect that all persons performing work on our behalf share my commitment to these values.

This policy statement is made available to the public in this handbook, and is subject to annual review to ensure its continued suitability.

Sarah Harris

Managing Director

The Deeson Handbook is licensed under a .

Creative Commons Attribution-ShareAlike 4.0 International License
Creative Commons License