PCSG is committed to managing its information assets in accordance with current legislation, including GDPR, best practice and guidance in ISO 27001:2013.
Information exists in many forms. It may be printed or written on paper, stored electronically, transmitted by post or using electronic means, or spoken in conversation. Appropriate protection is required for all forms of information to ensure business continuity and to avoid breaches of the law and statutory, regulatory and contractual obligations.
To achieve this, it is PCSG’s information security policy to ensure that:
- Information will be protected from unauthorised access
- Confidentiality of information will be assured
- Integrity and traceability of information will be maintained
- Information is only made available to authorised persons
- Regulatory and legislative requirements will be met
- Business continuity plans will be produced, maintained and tested
- Information security and privacy training will be available to all staff
- All breaches of information security, actual or suspected, will be reported investigated and resolved following our documented QEMS procedures
The overall objective is to treat information appropriately and in accordance with the associated risks.
The policy applies to all employees (permanent and temporary) and any associates that utilise PCSG Information and Communication Technology. Our approach to the use of ICT, e-mail and the internet is detailed in our Employee and Associate Handbooks.
The Directors have implemented an Information security management system and are committed to ensuring that this policy is understood and implemented by our staff safely, in line with legislation, regulations and codes of practice.
Professional Construction Strategies Group Ltd