The Information Security Management System (ISMS) at Ixis IT Limited is designed to protect client
data and information during and after all work that we do on behalf of that client. Ixis is a technical
agency specialising in internet application services including development, hosting and support. We
have obtained one of the strongest and most diverse Drupal specific portfolios in the UK ranging from
large enterprises to public sector organisations, national charities and start-up businesses. We also
provide services for WordPress, Shopware and Laravel.
We are totally committed to meeting our customers’ requirements and to continual improvement. We
shall listen to our customers, understand and balance their needs and expectations with our resources
and endeavour to give them satisfaction, taking into account our legal and regulatory requirements
and contractual security obligations.
Ixis is committed to establishing and reviewing the Control Objectives of the system and then
communicating these to all members of staff.
We shall involve all our staff in the development of the Company, utilising their knowledge, experience
and competence, to continually improve the efficiency and effectiveness of our services and our
Information Security Management System (ISMS). Everyone connected with Ixis will be supported
according to their individual needs for personal development, training and facilities.
This policy will be fulfilled through the adoption and implementation at all times of the ISMS, the
Operational Policies and Procedures required by ISO 27001: 2013.
The Company is committed to complying in full with the requirements of ISO 27001: 2013 and has
undertaken Risk Assessments and developed Risk Treatment Plans. Criteria against which risks are
evaluated have also been established. These are reviewed at regular intervals to ensure they reflect
the continuing needs of the business.
We fully endorse the contents of the IMS Policy Manual. It is issued with our authority and adherence
to these policies and procedures is mandatory for all staff. It is a controlled document and cannot be
copied unless we authorise it.