SAP Business One

Quality Policy

The Information Security Policy of Frontline’s Managed Services division is aligned to ISO27001:2022 and sets out to determine, agree & conform to our client’s needs & expectations, whilst fulfilling the requirements of ISO 27001 and statutory law. The main components of the Managed Services division are Service Desk (SSDA and IE), Service Desk Management, Service Delivery Management, Data Centre Operations Support, Data Centre specialists, Project Management and Technology Service consultants.

Frontline recognises that to be competitive & maintain good economic performance in the Managed Service Provider sector, we must employ management systems that continually improve the Information Security of our products & services that in turn increases the satisfaction of our clients, employees, shareholders, suppliers & society at large.

Frontline’s Managed Services have been provided in various forms since very early on in Frontline’s history.  These services have evolved and matured over the years with a constant drive and focus on providing quality services with clear understanding for information security.  Through adoption of best practice and clear definition within contracts, the provision of quality services and full awareness of business and Customer information security has provided a secure and segregated framework within which products and services are offered.  Within each solution, service, product or support service offered, security is almost the paramount consideration.

The key objectives of ISO 27001 and this Information Security Policy is that the Information Security Management System (ISMS) provides: –

  • The Frontline ISMS management team, incorporating senior representatives from all departments, are charged with the management and approval functions associated with ISMS.
  • The ISMS management team is charged with establishing and continually improving the ISMS.
  • The ISMS management team will provide the framework for setting objectives and establishing an overall sense of direction of principles for action with regard to security.
  • Our main Company objectives are documented in our Management Programme Objectives which is reviewed annually.
  • Objectives will be measured for effectiveness and information security policies in place will be enforced and their effectiveness measured also.
  • The ISMS will take into account business and legal or regulatory requirements and contractual security obligations.
  • The approach to information security will be based on risk, as per the ISO 27001 standard and best practice.
  • The ISMS procedures will establish risk evaluation criteria that are aligned with the current corporate strategic risk management procedures and policies.
  • The creation of the ISMS will include listing all information assets and the security risks that may arise for each. The resultant information will inform the operational management team of prospective mitigation priorities.
  • This ISMS policy covers all policies and procedures material to security.
  • The ISMS management team will periodically review current practices, policies and guidance to recommend any changes or improvements to ensure appropriate security measures are applied

We are conscious that the motivation of our employees is dependent on their training and understanding of the tasks they are expected to perform. It is part of our on-going training programme that this policy is communicated and understood at appropriate levels in the Company.