Information Security Policy
Updated Febuary 2021
eSynergy Solutions is a technology consultancy, delivering business value from cloud computing. Our services revolve around three areas; cloud adoption, cloud native software development and data engineering.
We work with government bodies, financial service organisations and high-growth startups across the UK, supporting them day in and day out to achieve and exceed their digital transformation goals.
Our projects are delivered through best practices. Agile, DevOps, security, open-source and user centric design are fundamental to us and define the consulting experience we deliver to our clients.
We operate a Business Management System to meet the requirements of the ISO27001, the international standard for Information Security Management.
Core principles of the company relating to information security include:
- Working with eSynergy will not affect in any way the security of customer information
- Being a trusted partner to customers
- Satisfying all applicable requirements relating to information security, including legal and customer requirements
- Operating an effective methodical risk management process for information security, reduce risks to an acceptable level. Advise clients on best practice to reduce risks.
- Ensure that supporting information policies and procedures are regularly reviewed and continual improvement is maintained to ensure effective working practices and procedures
- Ensure information security requirements are regularly communicated to all relevant parties
- Training and development of staff
Information security objectives are defined and monitored within the company and regularly reviewed to identify opportunities for continual improvement.
Certification to the internationally recognised standard for Information Security Management (ISO27001:2013) is central to the way that the company does business.
We will work to continually improve company performance and associated management system to maintain and strengthen information security.
The systems defined have my active full support. They are under continual review and improvement, however once defined are mandatory for all personnel.