Information Security Policy

SapphireOne Information Security Policy

SapphireOne is committed to optimising its information security performance consistent with our risk appetite.  In providing software, implementation and help desk services to our clients, SapphireOne has access to their information and we expect that all staff and contractors have a clear understanding of their information security obligations.  SapphireOne also has its own information much of which needs to be secured to enable the business to operate effectively.

To assist us in assuring our information security performance, SapphireOne is committed to the implementation, maintenance and continual improvement of our Information Security Management System.  SapphireOne will assure the ISMS through seeking compliance with and certification to ISO 27001:2013.  The purpose of this ISMS and this policy is to strive to achieve:

  • Confidentiality – ensuring that information is not made available or disclosed to unauthorized individuals, entities or processes;
  • Integrity – maintaining the consistency, accuracy, and trustworthiness of information over its entire life cycle;
  • Availability – ensuring that information is both accessible and usable upon demand by an authorized party;

SapphireOne is committed to ensuring that its ISMS is capable of meeting owners, clients and legal requirements for information security.  To achieve this end, SapphireOne is fully committed to the engagement and skilling of its staff to deliver information security outcomes that are consistent with our risk appetite.

Last reviewed date:  30 /11 /2017
John William Adams, CEO