Information systems and security policy
VGC Value – “We deliver on our promises” – We innovate
Vision
VGC understands that by setting standards around the acceptable use of our information technology, protecting data, ensuring high levels of confidentiality, integrity, and availability, we are creating a repeatable and consistent process for managing information.
We will educate users around best practices and corporate security protocols, documenting controls to ensure people adhere to security measures, meeting critical compliance requirements, establishing guidelines for detecting new threats and mitigating new risks and give our clients and employees confidence in our security protocols.
Strategy
This policy is a declaration of VGC commitment to ensuring business continuity is maintained and security breaches are prevented through the elimination and mitigation of security risks.
The board recognises that secure information and operations are essential and that all areas of our business are required to contribute to reducing the risks associated with security breach.
We commit to maintaining secure systems for our offices and sites and commit to prevent unauthorized access to information and our sites through the provision of the necessary infrastructure, resources and investment.
VGC will ensure that:
- VGC business data is secured
- All information maintained in accordance with legislative requirements
- Suitable security control is maintained at transient and project sites
- Client, partners and supplier/subcontractor data is maintained securely
To manage the risks VGC shall ensure that:
- Our controls are documented and communicated to the necessary personnel at induction through dedicated procedures and/or briefings.
- Staff are trained suitably to enable them to maintain the systems needed
- Any security incident is investigated and tracked to closure to avoid reoccurrence
- We review the policy and associated procedures annually or in the event of any incident to ensure effectiveness
- We monitor effectiveness of our controls through audit.
Laurence Mckidd, chief executive officer
31 March 2023
Download a printable copy of our information and security policy (243kb pdf).