RealityMine shall ensure that all work activities are undertaken in accordance with the Data Protection Act 2003, applicable legislation as well as contractual requirements and the requirements of ISO27001:2013. The scope of the Information Security Management System covers the development and provision of software products associated with digital data collection and analysis including the project management and consultancy of customer projects from RealityMine and the security of the premises occupied by the Company Headquarters.
The ultimate responsibility for Information Security rests with the RealityMine CEO.
The CEO and Managers accept their collective role in providing leadership and support and will ensure security is given suitable consideration to prevent the threats as identified in the risk management process and that decisions reflect the aims and objectives of the policy. They will ensure that adequate resources are made available for the policy to be effectively implemented and maintained.
As part of the Company improvement programme, a series of objectives are set, monitored and regularly reviewed. We will promote best practice and will regularly review the information security policy and arrangements to ensure appropriate statutory requirements are met. RealityMine aims to maintain an honest reputation and to be the best in the industry including the promotion of best practise and to improve the industry as a whole.
The Company in so far as is reasonably practicable will:
- ensure this policy is brought to the attention of all employees;
- provide a secure working environment;
- provide adequate instruction, information training and supervision;
- ensure the confidentiality and integrity of data is maintained and protected against unauthorised access;
- ensure business continuity plans are developed and maintained; and
- fully investigate any significant security incident in order to establish effective corrective and preventive procedures.
RealityMine is committed to continual improvement in its management of information security. The Company will give full backing to the information security policy and will support all those who comply with it. Every individual is required to work to their accountabilities and assigned duties to make it work successfully.
This policy is made available to the public, the Company’s staff, partners and its stakeholders and is made available within the integrated management system. In commitment to Information Security we conduct a series of internal audits and welcome audits from our customers and potential customers.
A copy of this Information Security Policy is also available for download.