Our Integrated Management System identifies significant quality management and information security aspects and the associated impacts of our operations. We will strive to minimise the risks of an information security incident. These will be managed at all times in a way that minimises risk to our customers, the environment, all employees, visitors and contractors on site. Training and continual risk assessment will ensure that this is undertaken in a controlled manner.
We believe in demonstrating our commitment to continual improvement through the implementation of our Integrated Management Systems, compliant with the requirements of ISO 9001, ISO 14001 and ISO 27001.
Specifically we will:
- Include quality, environmental and information security considerations in existing management systems and initiatives with the aim of improving our management processes, information security and customer satisfaction performance, whilst committing, at a minimum, to compliance with relevant legislation, contractual security obligations and other requirements to which the company subscribes including ISO9001, ISO14001 and ISO27001.
- Work in partnership with our contractors and suppliers to influence and/or improve their quality and environmental performance, and the integrity of their information security.
- Provide and maintain safe facilities and equipment, and information security.
- Implement systems to review and monitor performance, liaising with outside bodies where relevant, in order to achieve or exceed annually set objectives and targets which will ensure continual improvement.
- Undertake methods of improving efficiency in the use of human resources, raw materials and energy.
- Identify and seek to prevent information security incidents which may arise from our processes, operations and work activities.
- Prevent pollution and seek to identify and reduce any harmful environmental effects which arise from our business.
- Minimise, re-use and recycle materials wherever practicable.
- Make adequate provision for dealing with all emergency situations in our business.
- Ensure available access to quality, environmental and information security training for our staff, encouraging them to apply good practice at all times.
- Discuss quality, environmental and information security issues regularly at the highest levels of the company and consult with our staff on all related matters.
- Establish criteria against which business and information security risks will be evaluated.
ISO 9001
Obtaining ISO 9001 status means NETbuilder have consistently shown a high level of IT quality management. ISO 9001 is underpinned by ITIL and associated processes which have also been successfully implemented by NETbuilder over the last three years. This standard ensures the smooth transition and on-going service provision of new and existing business and services enabling our partners to engage with us on an equal level of understanding.
Cert No. 12271
ISO 14001
NETbuilder have obtained ISO 14001 status and are committed to promoting Environmental Awareness amongst its Employees. ISO 14001 is the most widely used environmental standard in the world.
There are three fundamental commitments required by organisations achieving ISO 14001. These are:
- Prevention of pollution;
- Compliance with legislation;
- Continual improvement of the EMS.
As an organisation we have made a commitment to these in our Environmental Policy Statement.
Cert No. 12271
ISO 27001
NETbuilder has successfully acquired ISO/IEC 27001:2005; adding significant value to our portfolio of quality accreditations.
ISO/IEC 27001:2005 provides best practice recommendations on information security management, risks and controls within the context of an overall Information Security Management System (ISMS), similar in design to management systems for quality assurance, ISO 9000.
The Company successfully secured ISO 27001 certification by adhering to all the controls within this particular ISO standard and ensuring these controls are implemented and managed across our entire business, lifecycle of services and where required into our customer environments.
The series is broad in scope, covering more than just privacy, confidentiality and IT or technical security issues. It is applicable to organizations of all shapes and sizes. All organizations are encouraged to assess their information security risks, then implement appropriate information security controls according to their needs, using the guidance and suggestions where relevant.
Cert No. 12271
Copyright © 2023. All rights reserved.