In DXS International’s Information Security Management Policy, ‘information security’ is defined through the following:
- Management, all full time or part time Employees, sub-contractors, project consultants and any external parties have, and will be made aware of, their responsibilities to:
- Preserve information security;
- To report security breaches and;
- To act in accordance with the requirements of the IMS.
- All Employees will receive information security awareness training and more specialised Employees will receive appropriately specialised information security training.
- Information and associated assets should be accessible to authorised users and physically secure.
- The computer network must be resilient and DXS International must be able to respond rapidly to incidents, such as viruses and other malware.
- Ensuring that information is only accessible to those authorised to access it
- Through confidential passwords and secure logins
- This involves safeguarding the accuracy and completeness of information and processing methods, and therefore requires protection of either physical assets or electronic data.
- There must be appropriate contingency and data backup plans and security incident reporting.
- DXS International must comply with all relevant data-related legislation in those jurisdictions within which it operates