Information Security Policy
Silverhorse Technologies Pty Ltd is committed to preserving the confidentiality, integrity and availability of all the physical and electronic information assets throughout our organisation in order to preserve our competitive edge, cash-flow, profitability, legal, regulatory and contractual compliance and commercial image. Information and information security requirements will continue to be aligned with our goals and the Information Security Management System (ISMS) is intended to be an enabling mechanism for information sharing, for electronic operations, and for reducing information-related risks to acceptable levels.
Silverhorse Technologies Pty Ltd’s current strategic business plan and risk management framework provide the context for identifying, assessing, evaluating and controlling information-related risks through the establishment and maintenance of our ISMS. The Risk Assessment, Statement of Applicability and Risk Treatment Plan identify how information-related risks are controlled. The Director of Operations is responsible for the management and maintenance of the risk treatment plan. Additional risk assessments may, where necessary, be carried out to determine appropriate controls for specific risks.
In particular, business continuity and contingency plans, data backup procedures, protection against malware, viruses and hackers, access control to systems and information security incident reporting are fundamental to this policy. Control objectives for each of these areas are contained in the ISMS Manual and are supported by specific documented policies and procedures.
Silverhorse Technologies Pty Ltd aims to achieve specific, defined information security objectives, which are developed in accordance with the business objectives, the context of the organisation, the results of risk assessments and the risk treatment plan.
All personnel and relevant external parties are expected to comply with this policy and with the ISMS that implements this policy. All personnel, and relevant external parties, will receive appropriate training. The consequences of breaching the Information Security Policy are set out in the HR policies and in contracts and agreements with third parties.
The ISMS is subject to continuous, systematic review and improvement. Silverhorse Technologies Pty Ltd has established a steering group, chaired by the CEO to support the ISMS framework and to periodically review the ISMS related policies.
Silverhorse Technologies Pty Ltd is committed to compliance of its ISMS to ISO 27001:2013.
This policy will be reviewed to respond to any changes in the risk assessment or risk treatment plan and at least annually during Management Review.