Information Security Policy

Unity Five Limited understands the importance of its assets and protecting its confidentiality, integrity and availability of all digital and physical assets throughout the organisation.

The information and security requirements will continue to be aligned with our business objectives. We are therefore committed to establishing and maintaining a Information Security Management System:

• Provides assurance within the company and to our clients, partners and interested parties, that the availability, integrity and confidentiality of their information will be maintained appropriately;
• Assesses risks on a continual basis and establish mitigational measures commensurate with business impact, especially with regard to the company’s reputation, for securely handling customer property and associated information;
• Sets standards for information processing and handling that are communicated to all employees;
• Sets standards for handling security incidents and weaknesses such as to minimise their impact;
• Protects the company’s ongoing ability to meet contractual commitments through appropriate Business Continuity;
• Takes into account business, legal, regulatory requirements and contractual security obligations.

Unity Five Limited aims to provide specific, defined security objectives, which are developed into the business that aligns with the business strategic objectives, the context of the organisation, results of risk assessments and the risk assessment plans. We are committed to ensuring:

• Implementation of an Information Security Management System that conforms with the requirements of ISO 27001;
• Protecting Unity Fives Limited information assets;
• Ensure employees are responsible and accountable for information security;
• Ensure business continuity, keeping the highest levels of quality;
• Respond to changes in context of the organisation, as appropriate, ensuring where possible, continuous improvement.

All employees (and relevant external parties) are expected to comply with this policy, and with all elements of the Information Security Management System. All relevant interested parties will receive training to ensure they comply with the requirements of the standard.

This policy is subject to continuous review and improvement.