SHOP ONLINE NOW

Our E-Commerce Site is now live. You can view pricing and place orders directly online.

Information Security Policy

The purpose of the Information Security Policy ("Policy"), which forms the basis for securing and protecting the information assets and environment they operate in for Kempston Controls LLC, is to outline the overall management framework and guiding principles for information security. The scope of the policy is to cover all of the company operations.

The primary goals of this information security policy for Kempston Controls LLC are as follows:

  • To identify through appropriate risk assessment, the value of information assets, to understand their vulnerabilities and the threats that may expose them to risk.
  • To manage the risks to an acceptable level though the design, implementation and maintenance of a formal Information Security Management System.
  • To not completely eliminate information security risks but to minimise them in the most cost-effective manner, offsetting the cost of controls against the anticipated reduction in losses due to security breaches.

The implementation of this policy is important to maintain and demonstrate our integrity in our dealing with customers and suppliers. It is the policy of Kempston Controls LLC to ensure:

  • Confidentiality of information is maintained
  • Integrity of information through protection from unauthorised modification
  • Availability of information to authorised users when needed
  • Information is protected against unauthorised access
  • Information is not disclosed to unauthorised persons through deliberate or careless action
  • Regulatory and legislative requirements will be met
  • Business continuity plans are produced, maintained and tested as far as practically possible
  • Information security training is given to all Employees where relevant
  • All breaches of information security and suspected weaknesses are reported and investigated
  • Calls to the contact centre may be monitored or recorded

Information security practice in Kempston Controls LLC is guided by the following fundamental principles:

  • Information security controls are necessary to protect Kempston Controls LLC information against unacceptable risks to their:
    • Confidentiality (e.g. preventing unauthorised disclosure of sensitive corporate or personal information),
    • Integrity (e.g. ensuring that human errors and programming bugs do not reduce the completeness or accuracy of our data); and
    • Availability (e.g. minimising unplanned system downtime and consequent interruption of critical business processes).
  • We invest wisely in proven information security controls where justified on the basis of lifecycle cost/benefit assessment and risk analysis.
  • Information security is a core element of corporate governance. It is closely related to aspects such as IT management, risk management, legal and regulatory compliance and business continuity. It supports various obligations to our employees, business partners and the community at large.
  • Information security is a business enabler that allows us to enter more confidently into and maintain business relationships, markets and situations that would otherwise be too risky. By minimising net losses resulting from information security breaches, it supports our financial bottom line. It also enhances our corporate imageas a trustworthy, open, honest and ethical organisation.

The Kempston Controls LLC Director will measure and review the effectiveness of our information security efforts on an annual basis.