Information Security Policy Statement
20 June 2024
The Causeway board of directors recognises the significance of integrity and security of information. Causeway’s Information Security Management Framework (ISMF) has been developed to maintain the highest standard of confidentiality, integrity, and availability of internal, customer, and supplier information. This forms part of Causeway’s Integrated Management System (IMS).
The purpose of the ISMF is to protect the organisation’s information assets from all threats, whether internal or external, deliberate or accidental. Corporate information is a critical business asset. These assets are identified and managed in accordance with the risk assessment methodology that endorses the acceptable risk levels.
The success of Causeway’s business is dependent upon the company’s ability to store information securely and retrieve and process it as and when required. Such information and the way it may be processed is subject to UK legislation, or regional as appropriate.
Causeway’s ISMF is achieved by a stringent set of controls, including policies, processes, procedures, and software and hardware functions. These controls are continuously monitored, reviewed, improved, and approved by the Board to ensure that specific security and business objectives are met. This is operated in conjunction with other business management processes and incorporates the applicable statutory, regulatory, and contractual requirements.
Causeway’s ISMF awareness program is incorporated in our induction process and training program. The ISMF is readily accessible internally and presented to existing and prospective customers.
In addition to Causeway employees, Causeway suppliers and contractors are expected to adhere to the ISMF. All employees are empowered to take responsibility for Information Security, and a robust process for identifying and reporting security risks and incidents is in place and is regularly reviewed.
Through compliance with applicable statutory, regulatory, and contractual requirements, and the standard for Information Security Management ISO/IEC 27001, Causeway will demonstrate confidence, integrity, and credibility both internally and externally
Objectives
Causeway’s Information Security objectives are set by the Information Security Team and are cascaded throughout the organisation. The objectives include:
a) To raise awareness of security issues company-wide through proactively communicating the ISMF, incorporating the Information Security policies and supporting procedures;
b) To raise awareness of the benefits of Causeway being ISO 27001 certified to enhance customer loyalty, reputation, and strengthen the Causeway brand;
c) To establish and monitor an effective Information Security Management System to reduce risk to both Causeway and its customers.
A copy of this policy is available for download - HERE
-1.png?width=960&height=685&name=MicrosoftTeams-image%20(53)-1.png)