page contents
Select Page

iQuda Quality Policy and Information Security Management System Objectives

Policy details

Version 3

Date of this version: 07/10/2016

Reference: QQPV3

1. Introduction

All staff working for iQuda Ltd have a duty to maintain the highest standards of quality. This applies to providing a quality service to our clients and to conducting our business activities (internal and external) with attention to high standards of quality.

How quality is defined by the Oxford dictionary:

“the standard of something as measured against other things of a similar kind; the degree of excellence of something.”

“General excellence of standard or level”

Quality applies in number ways:

a) how we conduct ourselves i.e. our attention to detail, the general attention we give to the work we do.

b) how well we perform our services (this is measured for example through our performance against service level agreements (SLAs) and through mechanisms of gaining customer feedback.

c) how well we maintain the systems and processes that enable us to carry out our activities (iQuda makes this a part of certain job descriptions).

2. Purpose

This document is the Quality policy of iQuda Ltd and for the purpose of this manual will be referred to as ‘iQuda’.

The Manual is the property of iQuda and is a controlled document.

The purpose of the Manual is to outline the quality policy in operation at iQuda.

It is not designed to act as a procedures manual, although it does carry information about where procedures information is located and the detailed information on documentation requirements for the procedures required by the respective standards.

3. Scope

This policy applies to all staff employed by or on behalf of iQuda, whether permanent or temporary. The requirements of the company’s quality system are mandatory and all company personnel have a responsibility and obligation to it.

4. Quality Objectives

Our objectives are identified and agreed by company director Anthony Jones and the senior management team during bi-monthly or quarterly meetings (frequency is dependant on the nature of the items discussed during the meeting). Objectives are disseminated to each department/project for incorporation into their management roles. Each department is responsible for delivering its objectives and this is monitored via individual, appraisals & team meetings.

Customer service is an essential part of the quality process and to ensure this is fulfilled, all employees receive training to ensure awareness and understanding of quality and its impact on customer service.

We aim to provide a professional and ethical service to our clients. In order to demonstrate our intentions, Our Management Team will analyse customer feedback data, internal performance data, financial performance data and business performance data to ensure that our Quality Objectives are being met.

We have identified the following Quality Objectives.

Objective 1: Existing services

iQuda Ltd will continue to deliver its services within a secure environment, seeking to continually improve our security processes. This will be reviewed regularly as part of Management Reviews. Staff will be measured on their performance during appraisals in June.

Objective 2: Development and ongoing improvement

iQuda Ltd will conduct annual reviews and risk assessment to ensure that risk to information in the care of iQuda Ltd is minimised or eliminated.

Objective 3: Risk reduction

iQuda Ltd will continue to identify gaps in our technological infrastructure, seeking to remove these gaps to  ensure greater  business continuity. This is monitored and maintained through monthly meetings between the technical team and Managing Director, Anthony Jones.

Objective 4: Information security

iQuda Ltd will continue to increase our information security by ensuring that policies are adhered to and by promoting a paperless working environment to as great an extent as possible. Performance against this objective will be measured by Anthony Jones and overseen by Senior Management.

4. Management Responsibility

iQuda’s Senior Management Team are committed to the development and implementation of a Quality Policy, an Information Security Policy, a Quality Management System and an Information Security Management System, and to frequently review these systems. Responsibility has been assigned to ensure that the Quality Policy and our performance against objectives complies with respective standards and that performance is reported on to relevant interest parties.

The designated Management Representative(s) will ensure that iQuda staff are aware of the importance of meeting customer as well as statutory and regulatory requirements, and overall, to contribute to achieving iQuda’s Quality and Information Security Objectives which are aligned with the current business plan.

The Senior Management Team is responsible for implementing the QMS / ISMS and ensuring the system is understood and complied with at all levels of the organisation.

In summary, the Senior Management Team will ensure that:

The company has a designated Management Representative who is responsible for the maintenance and review of the Quality and Information Security Management Systems.

The ongoing activities of iQuda are reviewed regularly and that any required corrective action is adequately implemented and reviewed to establish an effective preventative process.

Measurement of our performance against our declared Quality / ISMS Objectives is undertaken.

Resources needed for the ISMS are available and employees have the necessary training, skills and equipment to effectively carry out their work.

Internal audits are conducted regularly to review progress and assist in the improvement of processes and procedures.

Objectives are reviewed and, if necessary amended, at regular Review meetings and the performance communicated to all staff.

The information security policy and objectives are established in line with the strategic direction of the organisation and that intended outcome(s) are achieved

The QMS / ISMS are integrated into the organisations processes.

Communication covering the importance of effective information security management and conformance to the ISMS requirements is in place.

Continual improvement is promoted.

The contribution of persons involved in the effectiveness of the ISMS is achieved by direction and support and other management roles within their area of responsibility are supported.

5. Human Resources

All employees have the training and skills needed to meet their job requirements. All employees are monitored on an ongoing basis to identify any training and development needs. Competences and training needs are identified / satisfied by using:

Job descriptions which set out the competences required

Contracts of employment which set out contractual and legal requirements

Induction checklists to ensure / check understanding

Appraisal reviews to monitor performance

Development plans to set objectives

On the job reviews to ensure / check levels of competence

A training / competency matrix

6. Infrastructure

All of our management is done at our head office. This includes:

Management of financial matters

Handling of client orders

Personnel records

In terms of equipment used to deliver our product / service, asset registers and maintenance records are kept for the following:

Machinery (Information Assets)

7. Customer Satisfaction and Complaint Management

Customer Satisfaction

Customer satisfaction is determined through the analysis of client review meetings, follow up calls and account management activities. The results are collated and analysed to ensure that any problems or themes that arise are dealt with appropriately. Other metrics are used to identify client perception of the company, including client retention, repeat business and account acquisition data. This is reported and discussed at Management Review.

Complaints

As part of our ongoing commitment to providing excellent service, we have a policy of dealing with all complaints to the satisfaction of the complainant (see Q218 iQuda Complaints Policy). Any complaint received is initially recorded on a Complaints Report and handled by the person appropriate to the area of the complaint. Should the complaint not be resolved to the complainant’s satisfaction, it is then immediately referred to the Managing Director. We recognise that despite having robust quality control procedures in place we may still encounter problems which generate complaints and we ensure that in such cases records are kept (including any correspondence). Details of any complaints are recorded in the company’s QCS iQuda Complaints Summary Document.

8. Measurement, Analysis and Improvement

Monitoring & Measurement of Service

Our approach determines what needs to be measured inclusive of Quality and security processes / controls,  the methods by which we ensure valid results, the periods and persons involved in conducting this activity and the reporting frequency and the responsibility for analysing and evaluating the results. We retain all documents and records involved in this process.

iQuda establishes at the outset of a new service contract the reporting demands within the Service Level Agreement. This process will be supported with the data reports compiled and will enable the review to monitor performance, effectiveness of delivery, contract compliance and potential service developments. iQuda provides full information for this purpose on a quarterly and annual basis.

9. Continual Improvement

The organisation will continually improve the effectiveness of the Quality  Systems through the use of the quality policy, quality objectives, audit results, analysis of data, corrective and preventive actions and management review. Continual improvement is ensured by regularly reviewing all policies in place at iQuda, and by using the feedback we receive as part of our process of continual learning or “lessons learned” process. (see Q214 iQuda Incident Management Procedure Policy). Information we gain through this process becomes part of ongoing staff training and will be used to further employee understanding and will inform company policy.

10. Implementation

We review our performance as part of a continuous review of Management Information, service-user/customer feedback and comments. In particular we review our progress against our Quality objectives (business plan aims), with a view to seeing what we can improve and where.

The Company Quality Action Log and Internal Audits define the actions required to generate relevant data for analysis. Data is collected from, but not restricted to:

a. Incident Log

b. Internal Quality and ISMS Audits

c. Client Feedback

11. Compliance spot checks

In order to ensure that we continue to work towards our objectives, compliance spot checks may be conducted at routine internals. Our spot checks are conducted in order to ensure that staff comply with our internal policies and procedures, and to ensure that we continue to identify gaps in our service delivery. All staff are required to partake in compliance spot checks when asked to do so by management.

12. Review Arrangements

To ensure iQuda maintains its awareness for continuous improvement, the quality system is regularly reviewed and is subject to annual audit. This Policy will be reviewed every 1 year

APPENDIX 1 – Quality Statement  – as displayed in Office

iQuda Quality & Information Security Management System Objectives

All staff working for iQuda Ltd have a duty to maintain the highest standards of quality. This applies to providing a quality service to our clients and to conducting our business activities (internal and external) with attention to high standards of quality. The Oxford dictionary defines quality as:

“the standard of something as measured against other things of a similar kind; the degree of excellence of something” and “General excellence of standard or level”.

Quality applies in number ways:

d) how we conduct ourselves i.e. our attention to detail, the general attention we give to the work we do.

e) how well we perform our services (this is measured for example through our performance against service level agreements (SLAs) and through mechanisms of gaining customer feedback.

f) how well we maintain the systems and processes that enable us to carry out our activities (this forms part of certain job descriptions).

Objective 1: Existing services

iQuda Ltd will continue to deliver its services within a secure environment, seeking to continually improve our security processes. This will be reviewed regularly as part of Management Reviews. Staff will be measured on their performance during appraisals in June.

Objective 2: Development and ongoing improvement

iQuda Ltd will conduct annual reviews and risk assessment to ensure that risk to information in the care of iQuda Ltd is minimised or eliminated.

Objective 3: Risk reduction

iQuda Ltd will continue to identify gaps in our technological infrastructure, seeking to remove these gaps to ensure greater  business continuity. This is monitored and maintained through monthly meetings between the technical team and Managing Director, Anthony Jones.

Objective 4: Information security

iQuda Ltd will continue to increase our information security by ensuring that policies are adhered to and by promoting a paperless working environment to as great an extent as possible. Performance against this objective will be measured by Anthony Jones and overseen by Senior Management.

Agreed by:

Anthony Jones

Managing Director

Share This