In recognition of the critical role that information systems play in Aspen Grove’s business activities, the company and its management team is committed to ensuring all access to, storage, use of, and processing of information managed by Aspen Grove is performed in a secure manner in accordance with this information security policy.
Aspen Grove is committed to adopting a security model in line with BS7799/ISO27001 international best practice standards
This Information Security Policy and supporting Policies provides a framework in which security threats to Information Systems under Aspen’s management can be identified and managed on a risk basis and establishes terms of reference, which are to ensure uniform implementation of Information security controls throughout the company. Everyone at Aspen Grove is expected to be familiar with and consistently apply the framework on a day-to-day basis as well as contributing to the overall security awareness and improvements within the company.
The company recognizes that failure to implement adequate Information security controls could potentially lead to:
Financial loss
Irretrievable loss of important company and client data
Damage to the reputation of Aspen Grove and its clients
Legal consequences
Therefore measures must be in place, which will minimize the risk to Aspen Grove and its clients from unauthorized modification, destruction or disclosure of data, whether accidental or deliberate.
This Information Security Policy and all supporting policies apply to all staff and 3rd party workers within Aspen Grove.
Aspen Grove critically depends on continued customer confidence. This confidence has been gradually increased and is the result of many years of dedicated effort on the part of Aspen Grove workers. While it is slow to grow, this confidence can be rapidly lost due to problems such as hacker intrusions causing system outages. The trust that customers have in Aspen Grove is a competitive advantage that must be nurtured and grown with efforts such as this information security initiative.