The Scope Is
The provision of engineering claims and inspection services to the Insurance Sector including all administrative support functions.
This scope includes all operational service delivery and the Information Assets received, generated, processed and managed as a result of this service delivery. Activities take place both at the Head Office address as follows: Kirkby Lodge, South Boundary Road, Knowsley Industrial Park, Merseyside, L33 7SF and field based engineers across the UK.
The purpose of Information Security Management is to protect Hoopers' information assets and allied information infrastructure. This includes information assets critical to the operation of the business, external information ie. Information assets belonging to customers, suppliers and business partners for Hoopers' business operations. The implementation of this policy demonstrates the commitment of the organisation to maintain and improve information security initiatives and provides confidence to business partners in the conduct of business with Hoopers'. It is the policy of Hoopers':
To preserve Confidentiality - that is to protect information assets from unauthorised disclosure
To maintain Integrity - that is to protect information assets from unauthorised or accidental modification ensuring accuracy and completeness of the organisations assets
To ensure Availability - that is to ensure that information assets are available as and when required adhering to the organisations business objectives
The policy extends to all functions and activities of the company. All Information Assets belonging to Hoopers' and/or the client and in possession or custody of the Company's employees, representatives, partners and service providers and their personnel are within the scope of this policy.
To identify through appropriate risk assessment, the degree of protection of information assets, the preparedness against threats, to understand their vulnerabilities and the threats that may expose them to risk. To manage and minimise risks, to an acceptable level through the design, implementation and maintenance of a formal Information Security Management System (ISMS). To comply with legislation including:
- All legislative requirements
- To comply with contractual obligations that lay down the requirements for Information Security
- Commitment to comply with the requirements if ISO 27001
- Commitment to continually improvement adherence with the controls and where possible implement industry best practice
- Commitment to review this policy on an annual basis or more frequently as required.
In order to operate the ISMS, the Senior Management Team have formed an Information Security (IS) Committee IS Committee have overall management responsibility for the implementation and effective maintenance of the ISMS. Supporting the team is the ISMS Internal Audit Team, ISMS Champions and Departmental Managers / Heads and all other employees of Hoopers'.