Timetabling Solutions periodically undertakes internal reviews and independent external assessments to support information security, regulatory compliance, operational effectiveness and continual improvement.
The scope and frequency of these activities are appropriate to the size of the organisation, the services we provide and the risks being managed.
Internal Reviews
Internal reviews may include:
Operational Reviews
- Effectiveness and efficiency of operational processes
- Resource utilisation
- Service delivery performance
- Business objectives and key performance indicators
Compliance Reviews
- Applicable legal and regulatory obligations
- Contractual commitments
- Internal policies and procedures
- Modern Slavery obligations
- Privacy and information security requirements
Information Security Reviews
- User access and permissions
- Information security controls
- Protection of customer information
- Incident management and business continuity arrangements
- Risk management activities
Financial Reviews
- Financial reporting
- Accounting practices
- Budgeting and forecasting
- Expense management
Technology Reviews
- Hardware and software assets
- System performance
- Backup and recovery arrangements
- Change management
- Vulnerability management
Independent External Assessments
Timetabling Solutions also undertakes independent external assessments where appropriate.
These may include:
- Annual financial statement audits
- Independent penetration testing
- ST4S assessments
- Customer security reviews and questionnaires
- Independent security assessments undertaken by customers or partners where appropriate
Findings from internal reviews and independent assessments are considered as part of the organisation's ongoing continual improvement activities.