Privacy statement

Online privacy notice highlights : last updated 28/05/2019

 

Purpose

The goal of Riskex is to become a market-leading provider of business solutions, software development systems, and cloud-based computing. To this end, our multi-disciplined team of developers and risk specialists will maintain the highest standard of quality management, customer service, confidentiality, integrity and availability of business-critical information and data.

Scope

Riskex operates a quality management system (QMS) to ensure that we deliver consistent high quality throughout the organisation against the requirements of ISO9001:2015, which is underpinned by our information security management system, meeting the requirements of ISO27001:2013. Our BMS supports our commitment towards continual improvement and the effectiveness of our business management system. Details of our business management processes and procedures are available on request. The management team undertakes responsibility for ensuring effective compliance to our business management system throughout the company.

Quality Management

We aim to deliver the following as part of our service:

  • Building strong customer relationships enabling growth and success for both companies, in line with all applicable UK legislation and other requirements.
  • We will maintain a stringent set of controls, including policies, processes, procedures, and software and hardware functions. These controls are continually monitored, reviewed and approved by the Directors to ensure that specific quality and business objectives are met with a view to continual improvement of the QMS.  This is operated in conjunction with other business management processes.
  • Provide company inductions and training to all staff to manage and enhance customer satisfaction in the delivered services and to grow the service offering to meet the future needs of the customer.
  • Have a robust and audited process and procedures in place to demonstrate and deliver customer satisfaction and for any third-party suppliers to meet or exceed these same standards

Information Security

It is the policy of the company that:

  • Corporate information is recognised as a critical business asset. These assets are identified and managed in accordance with an established risk assessment methodology that endorses the acceptable risk levels.
  • Business critical information will be stored securely, retrieved and processed as and when required, in line with all applicable UK legislation and other requirements.
  • We will maintain a stringent set of controls, including policies, processes, procedures, software and hardware functions. These controls are continually monitored, reviewed and approved by the Directors to ensure that specific security and business objectives are met with a view to continual improvement of the ISMS.  This is operated in conjunction with other business management processes.
  • Awareness of Information Security requirements is incorporated in our induction process, training and Management System.
  • All employees are empowered to take responsibility for Information Security and a robust process for identifying and reporting security risks and incidents is in place and is regularly reviewed.
  • Through compliance to the standard for Information Security Management ISO/ IEC 27001:2013, Riskex will demonstrate confidence, integrity and credibility both internally and externally.


All employees within the business will be responsible for information security and quality management in their day to day activities. Directors and Managers will ensure that all information security and quality management process and procedures are adhered to and that any third parties adhere, deliver customer satisfaction and effective security.

This policy is readily accessible internally and is available to existing and prospective clients and other interested parties on request. The policy will be reviewed annually by a director to ensure it remains adequate and effective to the business.

 

Copyright © 2000 – 2018 AssessNET is a registered trademark. [Riskex Business Policy (quality and information security)]