27001:2013 Information Security

Security Assured Document Management Service

ISO 27001 Logo for Information Security

Box-it is dedicated to an Information Security Policy which will ensure that its operations meet the requirements of ISO 27001:2013 at all times.

Box-it believes in the concept of Client and Box-it working together in pursing this policy and in continually striving for improvements in Information Security.

All Box-it employees must have a positive commitment to Information Security and respond effectively to achieve the standards required of them.

The Information Security Policy is based on four fundamental principles:

  1. To ensure all staff have a proper awareness and concern for physical security, computer systems security and a need to understand their responsibility for information security.
  2. To ensure all contractors and their employees have a proper awareness and concern for The Company’s property and security information.
  3. To provide a framework giving guidance for the establishment of standards, procedures and computer facilities for implementing information systems security.
  4. To ensure all staff are aware of their accountability and that they are aware that failure to comply with the Information Security Policy may result in a breach of Client and/or Company security and may result in disciplinary action.

To ensure that the policy is successfully implemented, each member of staff will be responsible for understanding the security impact of their job, complying with internal requirements and ensuring that the correct procedures are followed to meet those requirements.

All employees are involved in the Information Security Policy; its principles and objectives will be communicated and available at all times. Assistance and training will be given to ensure the relevant knowledge and experience is acquired for successful implementation of this policy.

The Information Security Management System is closely monitored both internally and by UKAS accredited registration body, Intertek.


The Company is committed to implement and maintain, a document management service which complies with the requirements of ISO 27001:2013. This operating system is designed to embrace all company functions, thus ensuring the efficiency of the business and the consistent delivery of a quality product/service for all customers. To this effect, the Information Security Policy has been established and communicated at all levels within the organisation.


The Company will exhibit only the highest standards in maintaining a policy of honesty and correctness at all times towards both customers and employees. The Company Information Security Representative, in conjunction with Senior Management has responsibility for ensuring that all legal requirements applicable to the business activities and relevant industry ‘Codes of Practice’ are identified, understood and adhered to.


All enquiries for service will be subject to formal controls, with particular attention paid to any contractual security requirements. Procedures are established to ensure that the customer’s needs and requirements are determined and adequately met with the objective of achieving customer satisfaction at all times.

For more information on our document management services, contact us online.