In order to adequately protect the information that Normandin Beaudry handles in the course of its business activities, a global approach to information security and governance has been implemented based on a risk management approach.
To establish this strong, integrated governance, the measures we have implemented allow us to effectively formalize our information protection system in line with legal requirements, those of our clients and specific information security regulations and standards.
At Normandin Beaudry, information security and governance are based on the following key principles:
- Availability: Normandin Beaudry identifies accessibility and usability mechanisms throughout the information lifecycle, supported by a business continuity plan that is regularly updated to ensure the continuity of our operations.
- Integrity: Normandin Beaudry ensures the integrity of all information it processes.
- Confidentiality: Normandin Beaudry provides all information handled with adequate protection that is commensurate with its criticality to ensure its confidentiality, from collection to disposal.
- Commitment: Normandin Beaudry raises awareness among and trains its staff on the consequences of a security breach and the roles and obligations of all employees in the information protection process.
- Information security: Commensurate security measures identify the protection, defence, and resilience elements to be deployed to ensure Normandin Beaudry continues to operate to the best of its abilities and needs, in order to meet our clients’ requirements.
- Accountability: The clear assignment of responsibilities, including those of third parties, is an essential component of effective information security management. They contractually agree to comply with Normandin Beaudry’s information security rules and standards.
- Universality: When relevant, the information security practices and solutions assessed, implemented and operated should reflect recognized and widely used national and international practices.