ISO:Information Security

Information Security

The Board of Directors and senior management of Hornbill Ltd (Hornbill) are committed to preserving the confidentiality, integrity and availability of all physical and information assets owned and controlled by the company. Hornbill is committed to implementing a Secure Operating Model structured and conformant with the internationally recognised standard for an Information Security Management System (ISMS) ISO/IEC 27001:2013.

Information is only accessible to those authorised to access it and therefore preventing both deliberate and accidental unauthorised access to Hornbill’s information and proprietary knowledge and its systems including networks, websites, and associated software applications.

This includes safeguarding the accuracy and completeness of information and processing methods, and therefore requires preventing deliberate or accidental, partial or complete, destruction or unauthorised modification, of either physical assets or electronic data. The information and associated assets should be accessible to authorised users when required, and therefore be physically secure. Internal and external networks must be resilient and Hornbill must be able to detect and respond rapidly to incidents (such as viruses and other malware) that threaten the continued availability of assets, systems and information.

Senior management, full and part time employees, sub-contractors, project consultants and any other external parties have, and will be made aware of, their responsibilities to preserve information security, to report security breaches, and to act in accordance with the requirements of the Hornbill’s ISMS. The consequences of security policy violations are described in Hornbill’s disciplinary processes contained with the HR policy. All will receive information security awareness training and specialist employees will receive appropriately focused training as required to meet Hornbill’s business, contractual, and regulatory requirements and obligations.