Versions Compared

Version Old Version 6 New Version Current
Changes made by

Roxy Sanchez

Benjy Meyer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Expand
title Does your organisation perform background checks on staff and contractors?

Does your organisation perform background checks on staff and contractors?

Yes. All Commonplace employees are screened to ensure entitlement to work in the UK, with proof of ID required. References are checked. Privileged access is reviewed as part of our regular access rights reviews and only granted to appropriate employees.
Regular training on both information security and data protection is delivered as eLearning with tests to ensure understanding. Further resources are provided via our intranet service (HQuminity).
Service providers and contractors conduct their own training with their employees in accordance with their policies and any contractual arrangement/obligation

More information: https://commonplace.atlassian.net/l/cp/GZuEtouT

Expand
Do employment contracts include consenting to all information security responsibilities inline with organisational policies and procedures?
title Do employment contracts include consenting to all information security responsibilities inline with organisational policies and procedures?

Yes. An example employment contract is available on request from customers@commonplace.is

More information: https://commonplace.atlassian.net/l/cp/fAnKR788

Expand
Do employees receive an information security and data protection training programme?
title Do employees receive an information security and data protection training programme?

All employees receive information security and data protection training on an ongoing basis. This starts as part of their induction process with further training delivered on an ongoing basis. This includes training on GDPR.

Refresher training is delivered approximately annually (can be 13-14 month cycles).

Additional subject specific training is delivered to different employees and teams as required (eg. ownership in ISO27001 for assigned asset owners).

More information: https://commonplace.atlassian.net/l/cp/K1td2jW3

Expand
titleIs there a formal disciplinary process for employees who have breached company policy (including any breaches of company security policy)?

Is there a formal disciplinary process for employees who have breached company policy (including any breaches of company security policy)?

Yes, this is covered by our Disciplinary Policy.

More information: https://commonplace.atlassian.net/l/cp/cX7g7apA

Does your organisation have arrangements in place to provide an alternate resource when a member of staff is not available for an extended period of time?

We've doubled the size of our workforce in the last few years and we have robust recruitment and onboarding processes, with plenty of documentation prepared to be able to train new employees. We also have number of staffing agencies that we work with and are available to support us with permanent or fixed term hires.
Expand
titleDoes your organisation have arrangements in place to provide an alternate resource when a member of staff is not available for an extended period of time?

More information: https://commonplace.atlassian.net/l/cp/cRHsrk5f