Quality and Information Security Policies

• About
• Accreditations and Affiliations
• Behavior Policy
• Certification Mark Use Policy
• Certification Process
• Code of Ethics
• Complaint and Appeal Policy
• Digital Trust: Building a Secure Future
• GDPR Privacy Statement
• PECB Code Of Ethics Violation Policy
• PECB Leadership
• PECB Policy Regarding Canadian and International Economic Sanctions and the Countries Impacted
• Quality and Information Security Policies
• Refund Policy
• Statement of Impartiality
• The Value of PECB Certification
• Violation of PECB Brand and Fraud Reporting Policy

Quality Policy

It is the policy of our organization to:

1. Define and meet our customer’s requirements.
2. Ensure that our Policies and Procedures are clear and concise to reflect what we actually do.
3. Monitor and analyze performance metrics, making any necessary changes or adjustments to customer programs, customer satisfaction, the Quality Management System, and/or any related entities as appropriate.
4. Educate all employees about the linkages between their jobs and Customer satisfaction.
5. Ensure effective Customer and internal communication.
6. Foster a team approach to problem solving and preventive action by empowering all employees to be quality ambassadors.
7. Integrate organization’s Quality Management system into the Company’s culture and daily practices, establishing a long-term commitment to quality, continuous improvement, and customer satisfaction.
8. Meet and/or exceed our customer’s expectations through continuous improvement.
9. Guarantee that organization’s top management meets regularly with the Quality Management representative to review and ensure the effectiveness of the Quality Management System.

Information Security Policy

Policy Summary 

• Information should always be protected, regardless of how it is formed, shared, communicated, or stored.

Introduction 

• Information can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by post or by using electronic means, shown on films, or spoken in conversation. 
• Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities. 

Scope 

• This policy applies to all departments in the organization.

Information Security Objectives 

• Strategic and operational information security risks are understood and treated as acceptable to the organization. 
• The confidentiality, integrity, and availability of customer information, product development and all confidential information are assured.  

Information Security Principles 

• This organization encourages risk-taking and tolerates risks provided that information risks are understood, monitored, and treated when necessary. 
• All employees will be made aware and accountable for information security as relevant to their role.
• Provisions will be made for funding information security controls in operational and project management processes. 
• Information security risks will be monitored and action taken when changes result in unacceptable risks. 
• Situations  that  could  place  the  organization  in  breach  of  laws  and  statutory  regulations  will  not  be  tolerated.

Responsibilities 

• Management is responsible for ensuring that information security is adequately addressed throughout the organization. Management shall also review this policy annually, or as needed when significant changes occur in the organization, and document this review.
• Each manager is responsible for ensuring that the people who work under their control protect information in accordance with the organization’s requirements. 
• Every staff member has information security responsibilities as part of doing their job.