ISMS Policy

Policy statement

Strategic Group Pty Ltd is committed to protecting the confidentiality, integrity and availability of information assets — both our own and those entrusted to us by our clients. This policy statement applies to all staff, contractors and systems operating within our Information Security Management System (ISMS).

Scope

This ISMS covers all information assets used in the delivery of managed IT, cybersecurity and advisory services, including client data, internal systems and third-party integrations.

Objectives

• Protect client data from unauthorised access, disclosure, alteration or destruction
• Comply with applicable legal, regulatory and contractual requirements
• Continuously improve security controls through risk assessment and audit
• Build and maintain client and stakeholder trust through transparent security practices

Framework alignment

Our ISMS is structured to align with ISO/IEC 27001:2022 and the Australian Signals Directorate's Essential Eight Maturity Model. Formal ISO 27001 certification is in progress.

Review

This policy is reviewed annually and following any significant security incident or organisational change.

Contact

Security enquiries: security@strategicgroup.net.au