Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

  Does your organisation perform background checks on staff and contractors?

Does your organisation perform background checks on staff and contractors?

Yes. All Commonplace employees are screened to ensure entitlement to work in the UK, with proof of ID required. References are checked. Privileged access is reviewed as part of our regular access rights reviews and only granted to appropriate employees.
Regular training on both information security and data protection is delivered as eLearning with tests to ensure understanding. Further resources are provided via our intranet service (HQuminity).
Service providers and contractors conduct their own training with their employees in accordance with their policies and any contractual arrangement/obligation

  Do employment contracts include consenting to all information security responsibilities inline with organisational policies and procedures?

Do employment contracts include consenting to all information security responsibilities inline with organisational policies and procedures?

Yes. An example employment contract is available on request from customers@commonplace.is

  Do employees receive an information security and data protection training programme?

Do employees receive an information security and data protection training programme?

All employees receive information security and data protection training on an ongoing basis. This starts as part of their induction process with further training delivered on an ongoing basis. This includes training on GDPR.

Refresher training is delivered approximately annually (can be 13-14 month cycles).

Additional subject specific training is delivered to different employees and teams as required (eg. ownership in ISO27001 for assigned asset owners).

 Is there a formal disciplinary process for employees who have breached company policy (including any breaches of company security policy)?

Is there a formal disciplinary process for employees who have breached company policy (including any breaches of company security policy)?

Yes, this is covered by our Disciplinary Policy.

 Does your organisation have arrangements in place to provide an alternate resource when a member of staff is not available for an extended period of time?

Does your organisation have arrangements in place to provide an alternate resource when a member of staff is not available for an extended period of time?

We've doubled the size of our workforce in the last few years and we have robust recruitment and onboarding processes, with plenty of documentation prepared to be able to train new employees. We also have number of staffing agencies that we work with and are available to support us with permanent or fixed term hires.

  • No labels