Skip to main content

FAQ

What is IPIs Information Security posture?

IPI holds accreditation for ISO27001:2013 Information Security Management System and Cyber Essentials.
IPI has developed a comprehensive set of security policies and procedures to keep information secure. We have well documented Incident Management processes, Risk Management processes, Business Continuity plans and Disaster Recovery plans. IPI have a team of dedicated personnel responsible for the management of our Information Security function, it is the responsiblility of all at IPI to ensure security success.

What is IPI's Access Control policy?

IPIs Access Control policy covers rules regarding account creation, usage and follows the principles of least privilege. Multi Factor Authentication is in use where technically possible. Access is managed throughout an account life cycle using information asset reviews in order to review, modify and revoke access permissions.

What is IPIs Data Protection posture?

IPI is a Data Controller with regards to the information it holds for IPI only. For more information on Data Protection please go to our DATA PROTECTION & PRIVACY resource.

What is IPI's Incident Plan?

IPI holds Information Security and Information Breach Response Plans which are created using best practices. The plans are designed to identify, contain, communicate and remediate incidents. IPI have defined roles and responsibilities in the event of an incident.

Does IPI have a Business Continuity plan?

IPI holds Business Continuity Plans for our corporate offices, staff, processes and systems. These are tested annually, and any improvements are made. Results of these cannot be shared.

How does IPI manage risk?

IPI have a Risk Management process to assess potential vulnerabilities and develop strategies to efficiently mitigate risk. The Security and Compliance team maintain a Risk Register which covers all aspects of the business including people. All risks are owned by a senior member of leadership and is reviewed bi-annually for any updates. Our risk management process meets industry standards.

Page last updated on March 19th, 2024