Menu

Quality and Information Security Policy

QUALITY AND INFORMATION SECURITY POLICY  

It is the policy of Cataphract Ltd to maintain a management system designed to meet the requirements of ISO 9001:2015 and ISO 27001:2022 in pursuit of its primary objectives and in alignment with the organisation’s purpose and context.  

Cataphract Ltd is committed to: 

  • Striving to satisfy the requirements of all customers, stakeholders, and interested parties wherever possible, meeting and exceeding their expectations.  
  • Communicating openly with clients, candidates, and stakeholders, and sharing this policy with all relevant internal and external interested parties in line with our Business Management System. 
  • Complying with all applicable legal requirements, codes of practice, and other obligations relevant to our activities. 
  • Protecting the confidentiality, integrity, and security of all personal and sensitive information entrusted to us. 
  • Providing the necessary resources, including equipment, trained and competent staff, and any other requirements needed to meet these objectives. 
  • Ensuring that all employees are aware of their individual responsibilities under this Quality and Information Security Policy and empowered to contribute to continuous improvement.  
  • Monitoring and measuring process performance to support evidence-based decision-making and identify opportunities for improvement.  
  • Maintaining and continually improving the effectiveness and performance of our management system through a risk-based approach.  
  • Fostering a culture of quality, teamwork, and accountability while providing a safe, supportive work environment that promotes employee wellbeing and engagement. 

This Quality and Information Security Policy provides a framework for setting, monitoring, reviewing, and achieving our objectives, programmes, and targets.  

Customer service is an essential part of the quality process. To ensure this is fulfilled, all employees receive training to maintain awareness and understanding of quality and information security and their impact on customer service.  

To ensure ongoing improvement, the Business Management System is regularly reviewed by Top Management to confirm that it remains appropriate and suitable for our business. The Business Management System is subject to both internal and external annual audits.  

Scope of the Policy (ISMS Only) 

This policy applies to the database and computer systems operated by Cataphract Ltd at its office in Buckinghamshire, in pursuit of the company’s business of providing verification services, including preemployment screening, right-to-work checks, DBS checks, and security vetting, as well as operating a software platform offering inhouse vetting in the UK. It also applies, where appropriate, to external risk sources, including outsourced functions. 

 

 B Clark 

22 Oct 25 

D Clark 

22 Oct 25