Getronics UK Ltd. specialises in the provision of IT Managed Services that can be performed at our own premises or directly at client locations.

The nature of the Company's business requires that information be shared internally and with external customers and legitimate third parties.

It is fundamental to the business that measures are taken to protect that information and the Company is committed to ensuring that:

• The confidentiality of information is protected to prevent disclosure of valuable or sensitive information
• The integrity of information is maintained to ensure its accuracy and completeness
• The availability of information is maintained to meet business needs
• Compliance with business, contractual, and regulatory requirements, including data protection, is assured
• The continuity of vital business services is maintained in the event of a major incident
• Any breaches of information security are reported, investigated and corrective action implemented
• Information security training is made available to all staff

In order to fulfil these commitments, and to provide the level of control and traceability necessary to demonstrate compliance with recognised processes, it is the policy of the organisation to establish and maintain an efficient and effective Information Security Management System (ISMS) based upon the requirements of the BS ISO/IEC 27001 standard.

This policy and the ISMS are regularly reviewed and where necessary revised to ensure that it is continually improved.