About Information Security

Security Policy Statement

Purpose
Colt’s vision to become the most customer orientated business in our industry relies on our ability to demonstrate effective application of appropriate controls to protect our physical, information and personnel assets. The purpose of this statement is to identify, at the highest organisational level, Colt’s security principles and how they should be communicated, implemented and monitored. I expect all personnel to understand and take full ownership of their responsibilities in ensuring security in Colt.

Introduction
Colt’s Security Policy Statement outlines: Colt’s strategic security principles; Where ownership for the application of these principles lies; How this statement and its subordinate policies, standards and procedures will be communicated; and The importance of compliance with this statement and the consequences of non-compliance. The principles contained in this statement are supported by a framework of policies, standards and procedures which explain how they are implemented.

Security principles

  1. Colt will comply with all applicable regulatory and legislative security requirements and contractual obligations.
  2. Colt will implement and operate an Information Security Management System (ISMS) compliant, and where required certified, with ISO 27001. It will monitor, review and, as appropriate, continually improve this ISMS. Security objectives, consistent with this and subordinate security policies and standards, shall be identified and documented, as appropriate, throughout the organisation.
  3. Colt shall identify all assets in scope of its ISMS, including those entrusted to it by its customers, and any threats to their confidentiality, integrity or availability.
  4. Colt will implement coordinated physical, information and personnel security controls to effectively manage security risks and opportunities.
  5. Colt shall apply effective control of access to its premises and systems. Where access is provided it will be based on clearly defined business needs.
  6. Colt will maintain secure workplaces for its employees, third-parties and visitors.
  7. Colt will confirm the identity of all employees and third-parties prior to them having unescorted access to its premises or systems. Where a risk assessment identifies a need, personnel will be subject to an appropriate level of background screening prior to and, as required, at periodic intervals during their employment.
  8. Colt will promote security awareness amongst all employees and third-parties, and will develop a security and risk aware culture throughout the business.
  9. The highest standard of integrity and ethical behaviour is fundamental to Colt’s success. Consequently, Colt will pursue and investigate all allegations of criminal activity and unethical business conduct and will maintain a proactive programme of crime prevention and asset protection.
  10. Colt will ensure that every area of the business plans for emergencies that may affect the security of its employees or may interrupt critical business functions or processes.
  11. Business relationships that may present risk to Colt and/or our customers will be proactively examined to identify areas of concern. Identified risks will be managed effectively and at a level consistent with the business’s risk appetite.

Carl Grivner
Chief Executive Officer

Colt in Asia Granted ISMS Certification – International Standard and Japanese Standard

Colt has instituted stringent information security measures under its Information Security Policy to protect business and customer information.

Colt is ISO27001 certified since 2004 and the certification covers all the facilities in Japan and the data centers in Singapore and Hong Kong.

Colt will continue to strengthen and enhance information security measures to protect information from every conceivable threat and to offer highly reliable services.

Summary of Certification

Location:

All of Colt’s Japan offices, Tokyo Data Centre 1, Tokyo Data Centre 2,Hong Kong Data Center 1 and Singapore Data Center 1

Scope of registration:

Design, Development, Operation and Maintenance of following domestic and international services.

  • IT Management Services (Cloud, Managed, Data Centre)
  • Network Services (Data Communications, Voice Communications, Internet Access Services)

Certification Standard:

ISO/IEC27001: 2013 (JIS Q 27001:2014)

Certificate Number:

IS 87997

Certification date:

October 28, 2004

Expire date:

October 25, 2019

Certification Registrar:

BSI Group Japan K.K.

Certification Registry:

ANAB(ANSI-ASQ National Accreditation Board), JIPDEC (Japan Information Processing Development Center)

isms-logo