FIRMA Engineering Security Policy
FIRMA Engineering Ltd recognizes the importance of protecting the security of company assets and national, company and customer information. As individuals we all have a responsibility to protect information that we may become aware of as part of our work.
The scope of this policy covers home working, the physical security of company premises, staff, and visitors to the premises, and encompasses all forms of information security such as hard copy and computer stored data; ensuring that customer information and particularly protectively marked and commercially sensitive documentation is dealt with securely.
The FIRMA management team is responsible for the development and upkeep of this policy, ensuring that security is properly managed, and regulatory and legislative requirements are met and supporting documentation is relevant, regularly reviewed and communicated accordingly.
It is the policy of the company that all information will be protected against unauthorised access; confidentiality of information assured, and integrity of information maintained.
Managers whose staff are engaged in working with protectively marked information (PMI) are to ensure that their staff understand the personal responsibilities for security and the requirements of this policy, ensuring the appropriate operating procedures are adhered to and access to PMI information is on a “need to know basis”.
It is the responsibility of each FIRMA Engineering Ltd employee to adhere to this policy and all new staff will receive training on it as part of the induction process.
Advice on security matters will be provided by the FIRMA Management Team. Any breaches of information security, actual or suspected, are to be reported to, and investigated by, the FIRMA Management Team.
