Protection of Information
ICARAF PROTECTION OF INFORMATION POLICY
We will ensure the protection of all information assets within the custody of the ICARAF.
High standards of confidentiality, integrity and availability of information will be maintained at all times.
Information is a major asset that we have and we also have a responsibility and requirement to protect.
Protecting information assets is not simply limited to covering the stocks of information (electronic data or paper records) that we maintains. It also cover the people that use them, the processes they follow and the physical computer equipment used to access them.
This Information Protection Policy addresses all these areas to ensure that high confidentiality, quality and availability standards of information are maintained.
The following policy details the basic requirements and responsibilities for the proper management of information assets at ICARAF. The policy specifies the means of information handling and transfer within the Business.
This policy should be applied whenever Business Information Systems or information is used by ICARAF. Information can take many forms which include:
- Hard copy data printed or written on paper.
- Data stored electronically.
- Communications sent by post / courier or using electronic means.
- Stored tape or video.
ICARAF recognizes that there are risks associated with users accessing and handling information in order to conduct official business.
- ICARAF draw-up and maintains inventories of all important information assets.
- All information assets, where appropriate, are assessed and classified as:
o TOP SECRET
- Access to information assets, systems and services is conditional on acceptance of the appropriate Acceptable Usage Policy.
- Users are not allowed to access information until we are satisfied that they understand and agree the legislated responsibilities for the information that they will be handling.
- PROTECT and RESTRICTED information cannot be disclosed to any other person or organization via any insecure methods including paper based methods, fax and telephone.
- Disclosing PROTECT or RESTRICTED classified information to any external organisation is also prohibited, unless via the email.
This policy aims to mitigate the following risks:
- Data communicated informally
- Stored for more than a specified amount of time
- Transferred to organizations, states or countries that do not have adequate data protection policies
- Distributed to any party other than the ones agreed upon by the data’s owner (exempting legitimate requests from law enforcement authorities)
Non-compliance with this policy could have a significant effect on the efficient operation of ICARAF and may result in financial loss and an inability to provide necessary services to our clients.
If any user is found to have breached this policy, they may be subject to ICARAF’s disciplinary procedure. If a criminal offence is considered to have been committed, further action may be taken to assist in the prosecution of the offender(s).
If you do not understand the implications of this policy or how it may apply to you, please click here.
This policy will be reviewed as it is deemed appropriate, but no less frequently than every 12 months.
ICARAF is an online consultancy providing local, national and global service to organisations of all sizes.
Our consultants have extensive experience working with individuals and businesses to ensure that their data, assets and staff are given the maximum possible security. We provide a range of services covering analysis, research, accounting and finance consultancy. Our specialist consultants are well trained and can work with you at any stage of your projects or business lifecycle to ensure that you get the most cost-effective secure service.
As a fully independent consultancy we always work in our clients best interests. We pride ourselves on the quality of our advice and ensuring that our clients can make maximum us out of their potential.