Information Security Management Systems Policy (ISMS Policy)
It is the policy of Cytec Solutions Limited to maintain an information security management system designed to meet the requirements of ISO 27001:2013 in pursuit of its primary business objectives, the purpose and the context of the company.
It is the policy of Cytec Solutions Limited to:
- make the details of our policy known to all interested parties including external parties where appropriate and determine the need for communication and by what methods relevant to the business management system;
- comply with all legal requirements, codes of practice and all other requirements applicable to our activities; therefore, as a company, we are committed to satisfy applicable requirements related to information security and the continual improvement of the ISMS;
- provide all the resources of equipment, trained and competent staff and any other requirements to enable Cytec’s information security objectives to be met;
- ensure that all employees are made aware of their individual obligations in respect of this information security management system policy;
- maintain a management system that will achieve these information security objectives and seek continual improvement in the effectiveness and performance of our management system based on “risk”.
The ISMS policy provides a framework for setting, monitoring, reviewing and achieving our information security objectives, programmes and targets.
To ensure the company maintains its awareness for continuous improvement, the Business Management System (BMS) is regularly reviewed by “Senior Management” to ensure it remains appropriate and suitable to our business. The BMS is subject to both internal and external annual audits.
Scope of the Policy
The scope of the ISMS policy relates to use of the database and computer systems operated by the company in pursuit of the company’s business of providing software solution services to the corporate sector, including share plan providers and administrators. The policy relates solely to the Sharetrack and Insidertrack software solutions. Where appropriate, it also relates to external risk sources i.e. external hosting.
Should you require further information please contact: email@example.com
Chief Executive Officer: Nick Chinn