Information Security Policy

Information Security Policy

SE Qld Virtual Assistants is committed to maintaining high-quality standards in delivering timely and cost-effective solutions to our customers by recognising the confidentiality, integrity, and availability of information assets to relevant stakeholders.

The security of information and information assets is regarded as fundamental for the successful business operation of SE Qld Virtual Assistants. SE Qld Virtual Assistants has adopted an Information Security Management System (ISMS) and is committed to ensuring that:

  • Confidentiality of all information assets (information is not disclosed to unauthorised persons through deliberate or careless action). Preserving authorised restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
  • Integrity of all business processes, information assets, and supporting IT assets and processes, through protection from unauthorised modification, guarding against improper information modification or destruction, and ensuring information non-repudiation and authenticity.
  • Availability of all business processes, information assets, and supporting IT assets and processes to authorised users when needed, ensuring timely and reliable access to and use of information.
  • Risks are mitigated to an acceptable level through a comprehensive risk management framework.
  • An incident management process is established and implemented to ensure that all breaches of information security, actual or suspected, are reported and investigated.
  • Complies with the laws, regulations, and contractual obligations that are applicable to the organisation in general and to its ISMS.
  • Business Continuity Plans are developed, maintained, and tested on a regular basis.
  • All stakeholders are responsible for the implementation of respective information security policies and procedures within their area of operation and oversee adherence by their team members.
  • The competence of the employees towards the information security management system is enhanced through regular awareness, training, and skill augmentation initiatives.
  • Continually improve and enhance our performance through the setting of ISMS Objectives, which are monitored, reviewed, and acted upon.

This Information Security Policy will be reviewed annually and will be communicated to all relevant internal and external interested parties using the appropriate methods.

Top Management is fully committed to the Information Security Policy through the provision of resources, active participation in improvement activities, and leadership by example.

Approved By / Date:
Matt Rawlinson
10/10/2022
CEO