Trouble Brewing is committed to protecting the company's employees, properties, information, reputation and customers assets from potential threats in the supply chain. This policy is guided by the company’s basic core values, code of conduct, business ethics and supply chain security standards, and it dictates the way we operate throughout the supply chain. This Security Policy applies to individuals/entities that are provided access to information resources, including approved third party consultants, contractors and vendors.
All security activities must adhere to the general principles laid down below:
- All employees and contractors must always be aware of and take responsibility for the security aspects of the company’s business activities;
- Threats analysis and risk evaluations should be conducted on a regular basis;
- Security procedures and guidelines should be seamlessly integrated with business activities;
- Security measures and procedures must be subject to regular inspections, validations and verifications as noted by the relevant Security Policy so as to maintain high security standards for all operations.
- The level of professionalism, knowledge and integrity of staff involved in security matters must be tightly controlled and vetted
- Appropriate training plans, customer screening, recruitment, contracting and termination procedures must be established and implemented and documented.
- All incidents, including security breaches and irregularities must be reported and recorded. Corrective action should be taken and followed up through regular verifications to improve the overall security standard.
With regard to data/digital security specifically, the principle of role-based access control is applied at Trouble Brewing; only the employees with the authority and requirement to access information will do so. To this end:
- Our standard operating procedures include requiring that employees who will have access to sensitive information are trained information security, as well as held up to a high ethical and compliance standard.
- All Employee end-user machines have industry standard anti-virus software installed, which is updated and monitored regularly.
- All data and activity will be stored in cloud-based software to ensure the veracity and secure storage/access of all data
- Notwithstanding these protections, Trouble Brewing recognizes that all IT systems remain vulnerable to attack; therefore, monitoring is essential to ensure the reliability and security of all data
This policy has been approved by the Management Directors at Trouble Brewing. It will be reviewed, and if necessary revised, annually to keep up to date and will be released on our company website.