Call us now on +44 (0)33 3358 3006

Information Security

The Information Security Management System (ISMS) Policy of SIRS Europe is to determine, agree and conform to our client’s needs and expectations, whilst fulfilling the requirements of British Standard, European Standard and The International Organisation for Standardisation (BS EN ISO) 27001:2022 and statutory law.

We recognise that to be competitive and maintain good economic performance in the risk management and investigations market, we must employ management systems that continually improve the Information Security of our products and services that in turn increases the satisfaction of our interested parties.

The key objectives of BS EN ISO 27001 are that the Management System provides:

  • SIRS Europe, incorporating senior representatives from all departments, is charged with the management and approval functions associated with the ISMS.
  • SIRS Europe is charged with establishing and continually improving the ISMS.
  • SIRS Europe will provide the framework for setting objectives and establishing an overall sense of direction of principles for action with regard to security.
  • The ISMS will take into account business and legal or regulatory requirements and contractual security obligations.
  • The approach to information security will be based on risk, as per the BS EN ISO 27001:2022 standard and best practice.
  • The ISMS procedures will establish risk evaluation criteria that are aligned with the current SIRS Europe approved corporate strategic risk management procedures and policies.
  • The creation of the ISMS will include listing all information assets and the security risks that may arise for each. The resultant information will inform us of prospective mitigation priorities.
  • We will periodically review the company’s current practices, policies and guidance to recommend any changes or improvements to ensure we apply appropriate security measures.
  • We are conscious that the motivation of our employees is dependent on their training and understanding of the tasks they are expected to perform. It is part of our ongoing training programme that this policy is communicated and understood at appropriate levels in the company.

Information Security is the responsibility of all employees of the company.

 

Mike Wright, CEO

Strategic Intelligence & Risk Services (Europe) Limited

18 November 2024