Our Terms and Conditions

Language Bank
Quality and Enviromental Protection Policy

 

1.0 Purpose

The purpose of this policy is to establish direction and requirements for physical and environmental protection and to ensure that Language Bank’s resources are protected by physical and environmental security measures that prevent physical tampering, damage, theft, or unauthorized physical access.

2.0 Scope

This policy covers access to all business processes and data, information systems, and other IT resources owned or operated by Language Bank. Any information not specifically identified as the property of other parties transmitted or stored on Language Bank’s IT resources is own property .

This policy applies to all employees, whether employed on a full-time, part-time or on Frellance basis by Language Bank, contractors and clients (collectively referred to as “individuals” and “users”).

3.0 Roles and Responsibilities

Roles

Responsibilities

Management

The Managing Partners or other designated officials are assigned the responsibility of ensuring that the goals and requirements of the physical and environmental protection policy are met. The Director of the company or other designated officials are also responsible for ensuring the approved administrative and privacy controls are in place.

Information Security

The information security function is responsible for ensuring the confidentiality, integrity, and availability of information and information systems by preventing unauthorized access, use, disclosure, interruption, alteration, or destruction.

Covered Personnel

To decrease the risk of unauthorized access, use, or modification of IT resources, covered personnel must understand their security duties and have the necessary skills and expertise to ensure the proper execution of the functions they are assigned (theft, fraud or misuse of facilities).

Third Parties

Third-party service providers must comply with this and other applicable Enterprise Information Technology Policies, Standards, and Procedures when developing IT systems and applications for the organization. Non-conforming IT systems cannot be deployed unless the purchasing entity and their contractor have jointly requested for and obtained notice from the CISO or designated personnel that a specific exception will be allowed in writing.

4.0 Management Commitment

Language Bank is committed to following this policy and the procedures that support it.

5.0 Coordination Among Other Organization Entities

Language Bank recognizes the critical need for physical and environmental protection that meet it’s unique requirements and relate directly to our mission, size, structure, and functions. We further recognize that effective physical and environmental protection relies on a collaborative partnership between the organization entities.

6.0 Compliance

For Language Bank employees, failure to comply with this policy may result in progressive discipline up to and including dismissal. For Freelance Interpreters and contractors, failure to comply may result in removal of the individual’s ability to access and use Language Bank’s data and systems. Everybody will be notified of any violations, at due course.

7.0 Policy and Procedures (Low, Moderate, High)

Language Bank shall:

  • Develop, document, and disseminate to:

    • A physical and environmental policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.

    • Procedures to facilitate the implementation of the physical and environmental policy and associated physical and environmental controls.

    • Review and update the current physical and environmental policy and procedures when there are significant changes in the information systems and/or the environments in which they operate.

8.0 Physical Access Authorizations (Low, Moderate, High)

Language Bank shall:

  • Develop, approve and maintain a list of individuals with authorized access to the facilities where the information systems reside.

  • Issue authorization credentials for physical access to the facility at entry, exit points, and physical spaces where system components are located.

  • Review the access list detailing authorized facility access by individuals and remove individuals from the facility access list when access is no longer required.

9.0 Physical Access Control (Low, Moderate, High)

Language Bank shall:

  • Enforce physical access authorizations by verifying individual access authorizations before granting access to the facility.

  • Control ingress/egress to the facility using (organization-defined physical access control systems/devices and/or guards).

  • Maintain physical access audit logs for (organization-defined entry/exit points).

  • Provide (organization-defined security safeguards) to control access to areas within the facility officially designated as publicly accessible.

  • Escort visitors and monitor visitor activity in (organization specified areas).

  • Implement secure keys, combinations, and other physical access devices.

  • Inventory (organization-defined physical access devices) every (organization-defined frequency).

  • Change combinations and keys (organization-defined frequency) and/or when keys are lost, combinations are compromised, or individuals are transferred or terminated.

10.0 Access Control for Transmission (Moderate, High)

Language Bank shall:

  • Control physical access to (organization-defined information system distribution and transmission lines) within entity facilities using (organization-defined security safeguards).

11.0 Access Control for Output Devices (Moderate, High)

Language Bank shall:

  • Control physical access to output from output devices.

  • Link individual identity to the receipt of output devices.

12.0 Monitoring Physical Access (Low, Moderate, High)

Language Bank shall:

  • Monitor physical access to the facility to detect and respond to physical security incidents.

  • Review physical access logs (organization-defined frequency) and upon the occurrence of (organization-defined events or potential indications of events); and coordinate results of reviews and investigations with the organizational incident response capability.

13.0 Visitor Access Records (Low, Moderate, High)

Language Bank shall:

  • Maintain visitor access records to the facility.

  • Review visitor access records (organization-defined frequency).

  • Report any anomalies to designated (organization-defined personnel or roles).

  • Limit personally identifiable information (PII) in the visitor records to the elements identified in the privacy risk assessment.

14.0 Power Equipment and Cabling (Moderate, High)

Language Bank shall:

  • Protect power equipment and power cabling for the information system from damage and destruction.

  • Determine the types of protection necessary for power equipment and cabling employed at different locations both internal and external to organizational facilities and environments of operation.

15.0 Emergency Shutoff (Moderate, High)

Language Bank shall:

  • Provide the capability of shutting off power to the information system or individual system components in emergency situations.

  • Place emergency shutoff switches or devices in ([rganization-defined location by system or system component) to facilitate safe and easy access for personnel and protect emergency power shutoff capability from unauthorized activation.

16.0 Emergency Power (Moderate, High)

Language Bank shall:

  • Provide a short-term uninterruptible power supply to facilitate an orderly shutdown of the information system

  • Transition of the information system to long-term alternate power in the event of a primary power source loss.

  • Provide a long-term alternate power supply for the information system that is capable of maintaining minimally required operational capability in the event of an extended loss of the primary power source.

17.0 Emergency Lighting (Low, Moderate, High)

Language Bank shall:

  • Employ and maintain automatic emergency lighting for the information system that activates in the event of a power outage or disruption and that covers emergency exits and evacuation routes within the facility.

  • Provide emergency lighting for all areas within the facility supporting essential missions and business functions.

18.0 Fire Protection (Low, Moderate, High)

Language Bank shall:

  • Employ and maintain fire detection and suppression systems supported by an independent energy source.

  • Ensure that fire detection and suppression systems have the capability to trigger automatically and notify (organization-defined personnel or roles) in the event of a fire.

  • Ensure that the facility undergoes (organization-defined frequency) fire protection inspections by authorized and qualified inspectors and identified deficiencies are resolved within (organization-defined time period).

19.0 Environmental Controls (Low, Moderate, High)

Language Bank shall:

  • Maintain temperature and humidity levels within the facility where the information system resides at (organization-defined acceptable levels).

  • Monitor temperature and humidity levels (organization-defined frequency) to include alarms or notifications of changes potentially harmful to personnel or equipment.

20.0 Water Damage Protection (Low, Moderate, High)

Language Bank shall:

  • Protect the information system from damage resulting from water leakage by providing master shutoff or isolation valves that are accessible, working properly, and known to (organization-defined personnel or roles).

21.0 Delivery and Removal (Low, Moderate, High)

Language Bank shall:

  • Authorize, monitor and control all system components entering and exiting the facility.

  • Maintain records of all system components delivered to or removed from the facility.

22.0 Alternate Work Site (Moderate, High)

Language Bank shall:

  • Employ (organization-defined security controls) at alternate work sites.

  • Assess as feasible, the effectiveness of security controls at alternate work sites.

  • Provide a means for employees to communicate with information security personnel in case of security incidents or problems.

23.0 Location of System Components (High)

Language Bank shall:

  • Place system components within the facility and protect them from unauthorized access.

 

Person responsible: Mr Vlatko Petrov
Managing Partner @ Language Bank
petrov@language-bank.co.uk mob:07989 249 919

 

 

 

 

Committed to provide service at Any Language, Any Place, Any Time

Language Bank” is trading name of “Avenue Partners Language Ltd”.
Registered in England and Wales. Company Reg No. 15272274

| London | Leeds | Liverpool | Glasgow | Bristol |

Contact us for more info