Information Security Policy Statement

 

Oxford Conversis Limited (Conversis) is proud of the reputation we have built since being established in 2003.

Our focus has been to become the leading partner to the Life Sciences industry. To achieve this, all Conversis teams are highly skilled in the nuances of life sciences translations and our clients’ businesses and goals. Currently over 99% of our business is focused on Life Sciences linguistic requirements.

This reputation has been gained from developing long term relationships with CROs, pharmaceuticals, medical communication agencies, medical device and biotech companies through both the quality of our work and breadth of our capabilities, covering linguistic services such as: Translation, Localisation, Transcreation, Desktop Publishing, Voice Over and Subtitling Services.

We recognise that effective Information Security management is key to achieving our values and have established an Information Security Management System, within our Management System, which meets the requirements of the International Standard ISO27001:2022.

Information Security is the responsibility of every employee, throughout CONVERSIS. It is the duty of all employees to ensure that all of our services, and those of our suppliers, meet the Information Security criteria set by CONVERSIS. CONVERSIS supports a culture that values the highest Information Security performance from every employee and every function. As such, the Information Security Management System ISMS is achieved through understanding the risks and opportunities that may impact information within the business and the use of several controls (within the Statement of Applicability SOA), including policies, processes, procedures, software, and hardware functions to manage these issues. The Information Security Policy Statement ensures confidentiality, integrity, security, and availability of internal, customer and supplier information.

The SOA controls are continually monitored, reviewed, and improved to ensure that specific security objectives are met, and the ISMS continual improvements are made to the management system. This is operated in conjunction with other business management processes and incorporates the applicable statutory and contractual requirements. Objectives have been defined; they are designed to drive the management system forward and bring about continual improvement. Objectives will be focused on improving confidentiality, integrity, and availability.

The Information Security Management system has been designed to address legislation, and other requirements, as listed in the legal register.

Information Security is controlled through the preservation of:

Confidentiality: ensuring that information is accessible only to those authorised to have access.

Integrity: safeguarding the accuracy and completeness of information and processing methods.

Availability: ensuring that authorised users have access to information and associated assets.

CONVERSIS operates a programme of information security awareness and compliance through company inductions, training, and internal audits.

All employees are empowered to identify any potential security weaknesses and/or incidents and report through the appropriate management channels.

A robust system is in place to continually improve the security controls to:

The Management System is implemented, reviewed, updated, and audited through our management structure to ensure its ongoing effectiveness and to identify opportunities for improvement. The Management System Manual and Information Security Policy is fully endorsed by CONVERSIS ’s Board of Directors.

This Information Security Policy Statement will be available as documented information, communicated to all CONVERSIS  employees during inductions and internal communications channels and will be made available to interested parties, as appropriate.

 

Date: 04/04/2025

Signed:

Craig Harrison – Chief Executive Officer