Information Security

InformationSecurity

As a modern, forward-looking business, Blue Star recognises at its most senior level the need to ensure that its business operates smoothly and without interruption for the benefit of its customers, shareholders and other stakeholders.


In order to provide such a level of continuous operation, Blue Star has implemented an Information Security Management System (ISMS) in line with the International Standard for Information Security, ISO/IEC 27001.


The operation of this ISMS has many benefits for the business, including:

  • Building high levels of customer trust and assurance in Blue Stars security stance
  • Building knowledge and expertise in all Blue Star staff members
  • Building enhanced shareholder value and assurance in security and risk management
  • Ensuring increased protection of revenue streams and company profitability
  • Ensuring ongoing compliance with contractual, legal and regulatory requirements
  • Ensuring the supply of goods and services to customers


An Information Security Policy is available in both paper and electronic form and will be communicated throughout the organisation and to all relevant stakeholders and interested third parties.


Commitment to the delivery of information security extends to senior levels of the organisation and will be demonstrated through the information security policy and the provision of appropriate resources to establish, develop and maintain the ISMS.


Senior management will also ensure that a systematic review of performance of the programme is conducted on a regular basis to ensure that information security objectives are being met and relevant issues are identified through the audit programme and management processes.


A risk management approach and process will be used which is line with the requirements and recommendations of ISO/IEC 27001. Risk management will take place at several levels within the ISMS, including:

  • Assessment of risks to the achievement of our information security objectives
  • Regular information security risk assessments within specific operational areas
  • Assessment of risk as part of the business change management process
  • At the project level as part of the management of significant change


We encourage all employees and other stakeholders in our business to ensure that they play their part in delivering our information security objectives.

Jill Cowling Signature.png

Jill Cowling

Group Chief Executive Officer
Blue Star and Webstar

Reviewed 1 September 2024

Russ Hewitt Signature.png

Russ Hewitt

On behalf of the Board of Directors

Effective from February 2024

PDF Download

Back To Policies