Version 1 – Oct 2018
Next Review – Oct 2020
Beyond Encryption’s Information Security Management System (ISMS) objectives are as follows:
To ensure that all services offered by Beyond Encryption in the management and delivery of secure personal data complies with all requirements under data protection and GDPR regulations.
Regular audits of all data processing and data security activities will take place to ensure the success of and compliance with objective 1.
To conduct annual risk assessments to ensure that the risk to information in the care of Beyond Encryption is minimised and kept within acceptable bounds.
For any new process or development, a full and detailed evaluation of data processes takes place to ensure that the roles of data processor and data controller are fully appreciated and understood as are the means and mechanisms of data transfer.
Full risk assessments are undertaken prior to the development of any new project/activity of Beyond Encryption and the ethos of risk assessment is built in to the project planning and authorisation process up to Senior Management and ultimately Board level.