Info Security Policy
1. Purpose of Policy
The Red Fox Group develops SwiftFox CRM and provides consultancy services for customer relationship, stakeholder, and campaign management, as well as website development. In providing services to our clients, the Organisation has access to their information and expects all employees and contractors to have a clear understanding of their information security obligations. The Organisation also has its own information, much of which needs to be secured to enable the business to operate effectively.
2. Information Security Management System
To assist us in assuring our information security performance, the Organisation is committed to the implementation, maintenance, and continual improvement of our Information Security Management System. The Organisation will assure the ISMS through seeking compliance with and certification to ISO 27001:2013.
2.1 Objectives
The purpose of this ISMS and this policy is to achieve the following objectives:
2.1.1 Confidentiality
Ensuring that information is not made available or disclosed to unauthorized individuals, entities, or processes, we aim for:
- 0 data breaches
- No reported incidents of sharing of confidential corporate information
2.1.2 Integrity
Maintaining the consistency, accuracy, and trustworthiness of information over its entire life cycle, we aim for:
- 0 information integrity issues affecting our clients
2.1.3 Availability
Ensuring that information is both accessible and usable upon demand by an authorized party, we aim for:
- 99.5% uptime for our applications
- 0 loss of availability from 7:00 am to 9:00 pm in the Australian and New Zealand markets
2.2 Commitment
The Organisation is committed to ensuring that its ISMS is capable of meeting owners', clients', and legal requirements for information security. To achieve this end, the Organisation is fully committed to the recruiting and skilling of its staff to deliver information security outcomes that are consistent with our risk appetite.