It is the policy of A&C to maintain a quality management system designed to meet the requirements of ISO 9001:2015 in pursuit of its primary objectives, the purpose and the context of the organisation.
It is the policy of A&C to:
- Provide satisfaction to all of our customers and other stakeholders and interested parties whenever possible, meeting and exceeding their expectations;
- Comply with all legal requirements, codes of practice, contractual obligations and all other requirements applicable to our activities;
- Meet out regulatory obligations with respect to the brokerage of medicines
- Ensure the reduction of hazards, prevention of injury, ill health and pollution;
- Provide all the resources of equipment, trained and competent staff and any other requirements to enable these objectives to be met;
- Ensure that all employees are made aware of their individual obligations in respect of this quality policy;
- Maintain a management system that will achieve these objectives and seek continual improvement in the effectiveness and performance of our management system based on “risk”.
Customer service is an essential part of the quality process and to ensure this is fulfilled, all employees receive training to ensure awareness and understanding of quality and its impact on customer service.
It is the responsibility of all employees and relevant contractors to ensure they are familiar with our quality requirements and the applicable policies and procedures that underpin them.
To ensure the company maintains its awareness for continuous improvement, the quality system is regularly reviewed by Senior Management to ensure it remains appropriate and suitable to our business. The Quality System is subject to both internal and external annual audits.
INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
It is the policy of A&C to maintain an information security management system designed to meet the requirements of ISO 27001:2017 in pursuit of its primary objectives, the purpose and the context of the organisation.
Our objective is to protect the company from incidents that could have an adverse effect on the company’s ability to (i) protect the confidentiality of its information (ii) maintain the integrity of its data and (iii) ensure the availability of its data and services.
Using the ISO 27001:2017 framework and the deployment of applicable security controls and technologies, we will assess, manage, continuously review and improve information security related risks. We shall also ensure compliance with any applicable legal and regulatory information security requirements.
It is the responsibility of all employees and relevant contractors to ensure they are familiar with our information security requirements and the applicable policies and procedures that underpin them. All employees and relevant contractors will be provided with regular information security and awareness training to educate them on current security threats and best practice mitigation techniques
To ensure the company maintains its awareness for continuous improvement, the information security management system is regularly reviewed by Senior Management to ensure it remains appropriate and suitable to our business. The information security management system is subject to both internal and external annual audits.
Name: Scott Healy
Position: Director