Information Security Policy Statement

Information security is of critical importance to us

It is Cyan’s policy to make every effort to protect our information assets from threats – whether they be internal or external, deliberate or accidental. Key to this being:

  • Confidentiality – The prevention of unauthorised disclosure of information;
  • Integrity – The prevention of unauthorised change to information;
  • Availability – The appropriate setting of accesses and security levels to prevent unauthorised access and maintain those that are legitimate.

Our commitment to information security is demonstrated through maintenance of an ISO/IEC 27001 certified information security management system (ISMS). A dedicated team have responsibility for reviewing and establishing relevant information security policies and procedures to keep pace with the changing technological world in which we operate.

The ISMS is also regularly audited (both internally and externally) to ensure continued compliance with the globally recognised Standard.

New members of staff receive information security training during their induction period, and all staff are required to undertake regular update sessions to ensure their knowledge and understanding remains current.

We have a separate Privacy Policy explaining the specific arrangements in place regarding the processing of personal data. This can be found here.

Compliance with our information security policies and procedures is a collective responsibility, and one that we all take seriously.

Our full Information Security Policy is available upon request. Please contact us to request a copy.