Information Security Policy
In providing services to our clients, PaysOnline has access to their information and we expect that all staff and contractors have a clear understanding of their information security obligations. PaysOnline also has its own information much of which needs to be secured to enable the business to operate effectively.
As a software developer for our clients, PaysOnline is committed to industry standards for the development life cycle and the incorporation of information security into each phase of this life cycle. We are committed to understanding our individual client’s need for our software and we will ensure that information security is a key element of this, the implementation process and our ongoing client servicing.
To assist us in assuring our information security performance, PaysOnline is committed to the implementation, maintenance and continual improvement of our Information Security Management System. PaysOnline will assure the ISMS through seeking compliance with and certification to ISO 27001:2013. The purpose of this ISMS and this policy is to achieve the following objectives:
- Availability – ensuring that information is both accessible and usable upon demand by an authorised party;
- Confidentiality – ensuring that information is not made available or disclosed to unauthorised individuals, entities or processes;
- Integrity – maintaining the consistency, accuracy, and trustworthiness of information over its entire life cycle;
PaysOnline is committed to ensuring that its ISMS is capable of meeting owners’, clients’ and legal requirements for information security. To achieve this end, PaysOnline is fully committed to the recruiting and skilling of its staff to deliver information security outcomes that are consistent with our risk appetite.