Cyber Security Policy

Introduction

RBA Chartered Accountant and Tax Advisor is committed to protecting the confidentiality, integrity and availability of its information assets. This policy sets out the company's requirements for cyber security and outlines the responsibilities of all staff.

Scope

This policy applies to all staff of RBA, including permanent, temporary, contract, agency and freelance staff. It also applies to all visitors to the company's premises.

Responsibilities

The board of directors is responsible for the overall security of the company's information assets. The IT department is responsible for the implementation and maintenance of the company's cyber security measures. All staff are responsible for following this policy and for reporting any security incidents to the IT department.

Security Requirements

The company's information assets must be protected from unauthorized access, use, disclosure, disruption, modification, or destruction. The following security measures must be implemented and maintained:

• Strong passwords and multi-factor authentication must be used for all systems and applications.
• All systems and applications must be kept up to date with the latest security patches.
• A firewall must be in place to protect the company's network from unauthorized access.
• Antivirus software must be installed and kept up to date on all devices.
• All data must be backed up regularly and stored in a secure location.
• Staff must be trained on cyber security best practices.

Incident Response

If a security incident occurs, it must be reported to the IT department immediately. The IT department will investigate the incident and take steps to mitigate the damage. The company will also notify the relevant authorities if required.

Conclusion

The company is committed to protecting its information assets. By following this policy, staff can help to keep the company's information safe.