![]() ![]() We currently bank with the Co-Operative, Nationwide, and an investment bank in the North of England, and are in the process of switching to Triodos because of their ethical and sustainable approach to banking. We reviewed our banks against and have closed our account with HSBC. We are exploring the prospect of using company funds to subsidise “green” home improvements for our UK employees (replacing gas boilers with heat pumps, solar panel installation, insulation improvements etc.). AWS' approach differs from most other green hosting companies in that it is not only based on offsetting, carbon credits, and tree planting, but also significant investment in renewable energy schemes internationally. We review the data centres we use against the Green Web Foundation's hosting directory () to look for opportunities to minimise our environmental impact. We choose to base many of our services on AWS due to their commitment to be net zero by 2040. ![]() The implementation of information security in development is defined in our Secure Development Policy The use of cryptographic controls is defined in our Acceptable Encryption Policy. The parameters for secret authentication information are set out in the Acceptable Use Policy and apply to all users (employees and third parties). We have an Access Control Policy that determines the access to information and systems based upon business requirements. ![]() Aspects of these process are highlighted to all employees as part of general awareness training, while management have a specific awareness module on management responsibilities. More extensive information relating to management responsibilities for the ISMS are given in the Management Team Terms of Reference and QMS/ISMS Management operations process. Our team of expert Drupal developers has researched available modules for integration with AWS Lambda. The members of the management team are identified through the People Chart and Roles and responsibilities documents. Links to key policies for third parties are incorporated into contracts. Key policies are highlighted to employees as part of onboarding and ongoing training. Information security policies and processesĪll relevant information security policies are under document control, stored in our file management system and can be found via our Document Register. ![]()
0 Comments
Leave a Reply. |