Zutec recognises that through the day-to-day operation of its business, we have an impact on our internal and external environment. Also, we ensure that due consideration is given to the potential impact that Information Security aspects may have on the operation of our core processes. As a result, Zutec has established this Information Security Policy Statement, to communicate awareness and understanding of Information Security aspects throughout the business.
Information Security Leadership
Zutec has appointed Mike White to develop and implement company initiatives to help us achieve our Information Security goals. Their role will also involve communicating Zutec’s policies to all interested parties through the delivery of internal presentations and promoting awareness externally as appropriate. Information Security aspects are considered at our monthly management meetings.
While Zutec ensures that all personnel consider process related Information Security impacts, we also have identified the following aspects for particular attention:
- Zutec ensures that we meet relevant regulatory requirements and minimise any adverse Information Security effects caused as a result of our activities
- That we raise awareness, provide knowledge and support to employees on Information Security management
- Give training on the importance of protecting business and customer information throughout our business
- Promote an awareness of Information Security objectives
- Regularly review our Information Security practices and policy in accordance with the principles ISO 27001
- Establish performance objectives, targets and management programmes to achieve these
- Zutec is committed to the continual improvement of the ISMS
Zutec’s current business strategy and framework for risk management are the guidelines for identifying, assessing, evaluating and controlling information related risks through establishing and maintaining the information security policy. All risk assessments are carried out with the main objective being to manage the Confidentiality, Integrity and Availability of company information and systems. The detailed arrangements for implementation of this policy and objectives are defined in the relevant ISMS documentation, which is available to all interested parties upon request.
The scope of the ISMS applies to the global provision of project collaboration and data solutions software as a service, software development and engineering process managed services from its head office in Dublin. It covers the management of information and business activities that support these services in accordance with the ISMS Statement of Applicability dated 17.09.2019. The scope includes staff and assets that support this function based at the head office.