...
The operation of this ISMS has many benefits for the business, including:
Ensuring the supply of goods and services to customers
Maintenance and enhancement of shareholder value
Compliance with legal and regulatory requirements
An Information Security Policy is available in both paper and electronic form and will be communicated within the organization and to all relevant stakeholders and interested third parties.
...
A risk management approach and process will be used which is line with the requirements and recommendations of ISO/IEC 27001. Risk management will take place at several levels within the ISMS, including:
Assessment of risks to the achievement of our information security objectives
Regular information security risk assessments within specific operational areas
Assessment of risk as part of the business change management process
At the project level as part of the management of significant change
We would encourage all employees and other stakeholders in our business to ensure that they play their part in delivering our information security objectives.
Yours sincerely,
  |  |
Jan Tenenberg, CEO | Stephen Kent, CFO |
...