Difference between revisions of "ISO:Management Systems"
Jump to navigation
Jump to search
(Created page with "==Data Protection and Privacy== Hornbill Technologies is committed to compliance with all national and, where appropriate, international laws relating to the protection of per...") |
|||
| (3 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| + | This document can now be found at its new location in the [https://docs.hornbill.com/hornbill-cloud/iso/management-systems/ Hornbill Document Library]. | ||
| + | |||
| + | [[file:hornbill-document-library.png|Hornbill Cloud|link=https://docs.hornbill.com/hornbill-cloud/iso/management-systems/]] | ||
| + | |||
| + | <!-- | ||
==Data Protection and Privacy== | ==Data Protection and Privacy== | ||
Hornbill Technologies is committed to compliance with all national and, where appropriate, international laws relating to the protection of personal data and individual privacy. | Hornbill Technologies is committed to compliance with all national and, where appropriate, international laws relating to the protection of personal data and individual privacy. | ||
| − | The Chief Technical Officer is Hornbill Technologies’ Data | + | The Chief Technical Officer is Hornbill Technologies’ Data Security Officer. Personal data is classified as Restricted, and is available only to those who need to deal with it. |
The policy applies to all personal data held by Hornbill Technologies, including on wireless notebook computers, and mobile telephones, etc. | The policy applies to all personal data held by Hornbill Technologies, including on wireless notebook computers, and mobile telephones, etc. | ||
All staff will be provided with training to ensure that they understand Hornbill Technologies policy and the procedures it has put into place to implement that policy. | All staff will be provided with training to ensure that they understand Hornbill Technologies policy and the procedures it has put into place to implement that policy. | ||
| Line 22: | Line 27: | ||
==Penetration Testing == | ==Penetration Testing == | ||
As well as frequent tests undertaken by Hornbill we utilise external security companies to validate our results and services at least annually. The testing is against all infrastructure (Both on Premise and in Data Centers) and software used. Results of tests are available on request and certificates via https://www.hornbill.com | As well as frequent tests undertaken by Hornbill we utilise external security companies to validate our results and services at least annually. The testing is against all infrastructure (Both on Premise and in Data Centers) and software used. Results of tests are available on request and certificates via https://www.hornbill.com | ||
| + | |||
| + | |||
| + | ==Control of Records== | ||
| + | |||
| + | Asset owners are responsible for identifying the records that are generated by the processes or assets for which they are responsible, or which should be generated to indicate conformity with the ISMS, and for ensuring that they are controlled in line with this procedure. Records will meet the legal, regulatory and contractual requirements of Hornbill Technologies. Records must remain legible, readily identifiable and retrievable. | ||
| + | |||
| + | The retention period for the record is determined by Hornbill Technologies’ overall approach to document and record retention | ||
| + | |||
| + | Records are subject to the levels of protection appropriate to information of their classification level (i.e. at least the same as that of the asset to which they relate or the information they contain) and they are therefore protected, stored, maintained and disposed of in line with the requirements of the ISMS | ||
| + | --> | ||
| + | [[Category:HDOC]] | ||
| + | |||
| + | <!-- hornbill-cloud/iso/management-systems --> | ||
