Policy

INTEGRATED MANAGEMENT SYSTEM (IMS) POLICY STATEMENT

Spout Payment Limited is committed to preserving the confidentiality, integrity, and availability of its customer’s and stakeholders’ information supplied by, generated by, and held on behalf of the Organization. The Organization is also committed to continuing or immediately resuming its critical business functions in the event of major disruptions to continue delivering value to its customers. It is also the responsibility of the Information Security Manager and Business Continuity Manager to ensure that employees understand the roles they are required to fulfill and that they have the appropriate skills and competence to do so. Top Management will ensure that all employees involved in the management systems are competent based on appropriate education, training, skills, and experience. The skills required to ensure that information security, service management, and business continuity are determined and reviewed on a regular basis together with an assessment of existing skill levels within Spout Payment Limited have been determined. Training needs have also been identified, and a plan is maintained to ensure that the necessary competencies are in place.

Spout Payment Limited policy with regard to Continual Improvement of the IMS is to: Continually improve the effectiveness of the Information Security and Business Continuity Management System across all areas within scope Enhance current processes to bring them into line with good practice as defined within ISO 27001:2022 and ISO 22301:2019
Achieve ISO 27001:2022 and ISO 22301:2019 certifications and maintain them on an ongoing basis.
Achieve an enhanced understanding of, and relationship with, the business units to which the BCMS and security apply Review relevant metrics periodically to assess whether it is appropriate to change them, based on collected historical data and feedback from relevant sources. Obtain ideas for improvement via regular review meetings with stakeholders and document them. Review ideas for continual improvement at regular management meetings to prioritize them and assess timescales and benefits.

INFORMATION SECUITY MANAGEMENT SYSTEM (ISMS) POLICY STATEMENT

It is the policy of Spoutpay Limited to ensure that pertinent documented information is properly identified, updated, approved, and made available when needed. This document defines the procedures for the control of documented information within Spoutpay Limited to ensure that appropriate versions of documented information are identified and made available when needed. It also aims to ensure that documented information of external origin is identified, and their distribution controlled. CLICK HERE to download more details