Baxi (Formerly Capricorn DIgital Limited) is committed to maintaining and improving information security and business continuity processes by adopting an integrated management system. This provides a framework or integration of the ISO 27001:2013 and ISO 22301:2019 standards.
The company defines our core values for Integrated Management System as follows:
• To ensure uninterrupted availability of all key business resources required to
support essential (or critical) business activities.
• To reduce the number of information security and business continuity high priority
risks on Capricorn Digital Limited’s risk register.
• To provide for an orderly and expedited recovery/continuity of critical business
processes after a disruptive incident.
• To reduce or avoid information security breaches and related loss.
• To Ensure Compliance with Capricorn Digital Limited’s Contractual, Regulatory,
and Legal requirements and reduce information security related regulatory
sanctions/penalties.
• To ensure Information collected, held, and used by the organization is
appropriately protected and available in line with business requirements.
• To improve information security culture and consciousness in the organization.
• To provide training in information security and business continuity for key
resources
• Create awareness of all staff on the needs and responsibilities of Information
Security & Business Continuity Management.
• To ensure that Confidentiality, Integrity, and Availability of information is
maintained throughout business functions and processes.
• To ensure information is only accessible to authorized people from within or
outside the company and minimize damage by preventing and reducing the impact of
security incidents.
• To ensure continual improvement of our Information security and Business
continuity management system.
The Integrated Management System policy, objectives and targets will be reviewed annually (or
sooner if necessary) by Top Management. This policy statement is communicated to all employees
and persons working for or on behalf of the company and will be made available to the public,
stakeholders, and any other interested parties on request.