Last updated: 29th Mar 2023

Red River Software Limited – INFORMATION SECURITY POLICY 

Our policy is to exercise due care and diligence to protect our information assets from unauthorised access, use, disclosure, destruction, modification, disruption or distribution and to maintain our reputation with our clients by ensuring the confidentiality, integrity and availability of our information systems.

Top Management will ensure business, legal, regulatory requirements and contractual security obligations are complied with.

Information assets are risk assessed using proven methodology with periodic reviews undertaken to ensure they are current and up to date.

The Management Team bears overall responsibility for establishing and maintaining our information security management system and undertakes to ensure its integrity is maintained through instruction and training of its personnel to ensure that each employee has a proper understanding of their roles and responsibilities within it.

Equally, every employee has a personal responsibility to maintain this integrity.

Further, the Management will ensure any subcontractor employed for a particular function will observe the requirements specified and accept responsibility for their performance.

We have  a Policy of Continual Improvement and Objective setting in line with the requirements of the ISO 27001 Information security Standard.

Our Information Security Management System will be monitored regularly with regular reporting of the status and effectiveness at all levels to top management.