Section outline

  • The Company has adopted the below set of principles and objectives to outline and underpin this course and any associated information security procedures: - 

    • Information will be protected in line with all our data protection and security policies and the associated regulations and legislation, notably those relating to data protection, human rights, and the Freedom of Information Act 

    • All information assets will be documented on an Information Asset Register (IAR) by the IT Manager and will be assigned a nominated owner who will be responsible for defining the appropriate uses of the asset and ensuring that appropriate security measures are in place to protect it 

    The Information Asset Registrar can be accessed here - Info_Asset-Register.xlsx  

    • All information will be classified according to an appropriate level of security and will only be made available solely to those who have a legitimate need for access and who are authorised to do so 

    • It is the responsibility of all individuals who have been granted access to any personal or confidential information, to handle it appropriately in accordance with its classification and the data protection principles 

    • Information will be protected against unauthorised access and we will use encryption methods as set out in the above objectives in this course

    • Compliance with this Information Security and associated courses will be enforced and failure to follow either the policy indicated in this course or its associated procedures will result in disciplinary action 

    • Our information security policies should be read and used in conjunction with our GDPR/DPA18 policy program 

    The Director has the overall responsibility for the governance and maintenance of this document and its associated procedures and is hereafter referred to as the assigned person and will review this policy at least annually to ensure this it is still fit for purpose and compliant with all legal, statutory and regulatory requirements and rules. It is the sole responsibility of the assigned person to ensure that these reviews take place.