INFORMATION SECURITY POLICY
Capstone are committed to safeguarding the confidentiality, integrity and availability of all physical and electronic information assets of the company and its clients to ensure that regulatory, operational and contractual requirements are fulfilled.
Capstone are committed to the development and maintenance of the appropriate policies, procedures and guidelines to effect a high standard of information security, reflecting industry best practice.
Capstone monitor, record and log all appropriate activity within its IT network, and the use of its information technology resources.
Capstone are committed to compliance with both regulatory and customer requirements.
Capstone ensure this through a framework of risk management and continuous improvement compliant with ISO 27001:2013. Objectives are agreed and reviewed regularly and are monitored through KPIs.
SUPPLIER SECURITY POLICY
Capstone attaches particular importance to the security of its own, its employees’ and its customers’ data. It is therefore vital that existing and potential new suppliers to Capstone have appropriate security controls to ensure the confidentiality, integrity and appropriate availability of such data is not compromised and these controls are in maintained in accordance with Capstone security policies.
The reference standard for Capstone security policies is ISO27001 and the suppliers shall comply with the principles of that standard at all times.
At a minimum; Suppliers agree to:
- Maintain the confidentiality of any information shared with the supplier by Capstone
- Not to distribute any information to a third party without prior expressed permission from a senior member of management in Capstone
- Allow Capstone, when deemed necessary, to audit their facilities, systems and processes specific to services provided to Capstone
- Ensure that their employees are aware of the nature of the supplier relationship with Capstone and ensure that they are in compliance with the information security requirements at all times