Monolith
Information security policy statement
Updated September 2024
Through this Information Security Policy, Monolith AI has defined its commitment to protecting information through the Information Security Management System (ISMS) which ensures confidentiality, integrity, security, and availability of internal, customer, and supplier information.
The ISMS effectiveness is achieved through understanding the risks and opportunities that may impact information within the business and by using a number of controls, including policies, processes, procedures, software, and hardware functions, to manage these issues in ways that are beneficial to the business.
These controls are continually monitored, reviewed, and improved to ensure that specific security and business objectives are met. This is operated in conjunction with other business management processes and incorporates the applicable statutory and contractual requirements.
Objectives have been defined primarily through the SWOT and PESTLE, although some may come from the information security risk assessment, the management review, or linked to existing strategic risk mitigation activities; they are designed to drive the management system forward and bring about continual improvement. Objectives will be focused on improving confidentiality, integrity, and availability.
The ISMS has been designed to address legislation as listed in the legal register.
Information security is controlled through the preservation of:
- Confidentiality: ensuring that information is accessible only to those authorised to have access.
- Integrity: safeguarding the accuracy and completeness of information and processing methods.
- Availability: ensuring that authorised users have access to information and associated assets.
Monolith AI operates a programme of information security awareness and compliance through company inductions, training, and internal audits.
All employees are empowered to identify any potential security weaknesses and/or events that could be information security incidents and report these through the appropriate management channels.
A robust system is in place to continually improve the security controls by:
- Taking account of changes to business requirements and priorities.
- Considering new threats and vulnerabilities that may impact the business.
- Reviewing the effectiveness of the ISMS through internal audits and the management review process.
This policy will be maintained and will be communicated, understood, and applied within the company. It is available on request to relevant interested parties.
The overall intent of our management system is to give customers and other interested parties confidence in Monolith AI’s ability to protect all information held or processed by the business.
Endorsed by:
Richard Ahlfeld, CEO
Luke Oubridge, COO