Information Security Policy Statement
Information security is of critical importance to us
It is Cyan’s policy to make every effort to protect our information assets from threats – whether they be internal or external, deliberate or accidental. Key to this being:
- Confidentiality – The prevention of unauthorised disclosure of information;
- Integrity – The prevention of unauthorised change to information;
- Availability – The appropriate setting of accesses and security levels to prevent unauthorised access and maintain those that are legitimate.
Our commitment to information security is demonstrated through maintenance of an ISO/IEC 27001 certified information security management system (ISMS). A dedicated team have responsibility for reviewing and establishing relevant information security policies and procedures to keep pace with the changing technological world in which we operate.
The ISMS is also regularly audited (both internally and externally) to ensure continued compliance with the globally recognised Standard.
New members of staff receive information security training during their induction period, and all staff are required to undertake regular update sessions to ensure their knowledge and understanding remains current.
Compliance with our information security policies and procedures is a collective responsibility, and one that we all take seriously.
Our full Information Security Policy is available upon request. Please contact us to request a copy.