Quality and Information Security Policy
(1) Purpose
The purpose of this document is to demonstrate Toro Recruitment Ltd’s commitment to quality management and information security, continual improvement and to satisfy applicable quality requirements of its interested parties such as clients, partners and suppliers.
(1.1) Applicability
This policy is applicable to all Toro Recruitment Ltd employees and contractors. It may also be made available upon request to all interested parties.
(2) Policy
Toro Recruitment Ltd operates a Quality and Information Security Policy dedicated to ensuring the success of the delivery and maintenance of its recruitment and head-hunting solutions.
Toro’s policy is that its consultants should look beyond any Standard and identify, define and align with the real business drivers of its clients and the requirements of its candidates with sustained focus on continuous improvement.
To support this policy, Toro aims to ensure that all consultants have the widest relevant experience and are trained to be able to discuss roles and work with clients across the various aspects of the energy and utilities industries in the UK. Toro achieves this thanks to a rigorous Recruitment Policy, a comprehensive induction process, ongoing performance review and feedback, and continuous training.
This policy is further underpinned by plans and objectives to continue to improve the effectiveness of Toro’s own management systems focused on the delivery of its services and to drive all activities in order towards achieving successful outcomes for both its clients and candidates.
Toro Recruitment Ltd is committed to the development, implementation and maintenance of an Information Security Management System that:
-
Provides assurance within the company and to our clients, candidates and partners that the availability, integrity and confidentiality of their information will be maintained appropriately
-
Manages information security risks to all company, client and candidate assets
-
Protects the company’s ongoing ability to meet contracted commitments through appropriate Business Continuity
-
Bases information security decisions and investments on risk assessment of relevant assets considering Integrity, Availability and Confidentiality
-
Considers business and legal or regulatory requirements and contractual security obligations
-
Maintains awareness of all employees so that they can identify and fulfil contractual, legislative and company specific security management responsibilities
-
Minimises the business impact and deals effectively with security incidents
-
Meets the requirements of any other interested parties not already specified
(3) Policy Adherence
All policies and procedures can be found within Toro Recruitment Ltd’s Integrated Management System. It is the responsibility of employees and contractors to read these and report any non-compliance in accordance with the Information Security Incident Reporting Policy.
(4) Monitoring
(4.1) Monitoring
Compliance with this policy will be highlighted through notification of any Information Security and other Governance breaches whereby an investigation will identify non-compliance and then seek to understand and address the reasons for non-compliance.
(4.2) Audit and Review
(4.2.1) Internal Review
Compliance with this policy will be monitored through Internal and Information Security Audits, and by other management checks as required.
(4.2.2) External Review
Inspections by external auditors may be carried out from time to time.
As part of these activities, external inspectors may ask to view internal records. Supervised access to such records must be provided where requested.
Copies of records must not be removed from site by an inspector, unless this has been specifically approved by the Managing Director.
(4.2.3) Policy Review
This policy will be reviewed by the Managing Director or his nominated delegate at regular intervals, not exceeding 1 year, or when business changes warrant it as part of the continual service improvement process.