A message from our IT Infrastructure Team
At Dornan, information security is a core part of how we operate and deliver services to our clients, partners, suppliers and employees. We are committed to protecting the confidentiality, integrity and availability of the information entrusted to us and maintaining the trust placed in us by our stakeholders.
Dornan maintains an Information Security Management System aligned to the requirements of ISO/IEC 27001:2022. Our approach is risk-based and supported by documented policies, clear responsibilities, governance oversight, training, monitoring, audit and continual improvement.
Security controls are applied across our business to manage access to systems and information, protect assets, support secure remote working, manage operational change, respond to incidents and oversee supplier and third-party access. Access is granted based on business need and the principle of least privilege, with privileged access restricted, controlled and reviewed.
We also maintain operational controls covering areas such as backup, logging, malware protection, vulnerability management, secure configuration, audit controls and recovery planning. Our employees and relevant external resources receive security and privacy awareness training to help ensure information is handled responsibly and securely.
Through ongoing monitoring, internal audit, management review, risk assessment and corrective actions, Dornan continually reviews and improves its security controls to support legal compliance, operational resilience and the ongoing protection of information.
IT Infrastructure Team
Dornan Engineering Group
Documents
Information Security and Privacy Policy
Our policy outlines how we protect information and ensure the privacy of our data.
ISMS DOC. Dornan Security Controls Summary to the Security
Summary of our Information Security Management System and security controls.