ISMS Policy Statement

Zinc understands the importance of providing a secure service and this comes from not only understanding and monitoring our internal network but also from understanding and mitigating against external factors which might affect Zinc, and further by having a thorough appreciation for the laws and regulations which govern us. Underpinning this all is our commitment to understanding the individual challenges our customers face when trying to protect their data, their information and their privacy. 

Our Security programme and policies are designed to:

  • Establish and maintain an Information Security Management System (ISMS) which is based on globally accepted security standards and is certified against International Standards Organization (ISO) 27001: 2022 controls. 
  • Continually review and improve our ISMS and ensure it  continually evolves to meet our customers’ changing needs and requirements. 
  • Comply with all applicable legal, contractual and regulatory requirements by proactively tackling the constantly  evolving information security world. 
  • Provide secure and reliable working conditions through the implementation of technical architecture, governance, and health and safety standards which embed ISMS requirements into our daily working practice in a way that does not place limitations on our effectiveness . 

Our ISMS governance council is responsible for defining, implementing and maintaining our security vision, purpose and methodology and our ISMS governance council has the full support and endorsement from executive leadership. 

We do this by:

  • Setting and reviewing measurable objectives and ensuring our objectives are met. 
  • Monitoring compliance through the process of internal audits and resolving any nonconformities. 
  • Provide all necessary support and resources to enable the ISMS governance council to achieve its aims. 
  • Communicating openly with our customers about their information security risks, fears and concerns. 

Luke Shipley
CEO
January 2024