Professional Documents
Culture Documents
ISM OS Policy Supplier and Service Providers Issue 1 2022
ISM OS Policy Supplier and Service Providers Issue 1 2022
ISM OS Policy Supplier and Service Providers Issue 1 2022
ISMS PROCEDURE
1. Purpose
The purpose of this document is to state the SafeIT policy on Third Party Service
providers including suppliers
2. Responsibilities
The GM Operations shall remain responsible for maintenance, review and
modification of this policy and its related controls.
3. Policy
All those providing services by either utilising SafeIT facilities or their own IT
facilities must be aware of, and comply with, the security conditions below. They are
required to:
1. Accept that their use of facilities may be monitored and/or recorded whilw used for
SafeIT;
2. Comply with the Data Protection Act 1998 and all other legal, statutory or
contractual obligations;
3. Never attempt to access SafeIT facilities without written permission, and only use
authorised equipment at authorised locations;
4. Only access the Safe IT facilities by using the user identifier and password
provided by the SafeIT. Maintain secracy of the IDs and passwords.
6. Never exchange data on portable media with SafeIT e.g. on USB memory sticks or
DVD/CDs, without authorisation. These media must be kept secure and locked away
when not in use.
7. Always seek to prevent accidental disclosure of sensitive or personal information,
e.g. by the accidental overlooking or overhearing of such information;
8. To handle personal or sensitive data, emails, or information with care
9. Protect and handle securely any electronic or paper information when it is used,
sent, received, stored or processed;
IQMSL-IS3-ISMS-LA–IRCA-2348 Page 1 of 3
CASESTUDY 2022
IQMSL-IS3-ISMS-LA–IRCA-2348 Page 2 of 3
CASESTUDY 2022
IQMSL-IS3-ISMS-LA–IRCA-2348 Page 3 of 3
CASESTUDY 2022