Policies

---

Back

ICT Security Policy

April 2025

 

This policy sets out the working practice of The Haven’s staff and volunteers when using ICT, and the security measures in place to protect sensitive data.

• The Haven exclusively utilises Microsoft Office365 to create a secure environment for all online activity (excluding social media).
• All Advisors and Trustees as well as the Treasurers and Social Media volunteer have Office365 Haven e-mail accounts for managing Haven related communications.
• The Haven has one laptop, which is password protected.
• Documents containing sensitive data are only held by approved persons and only shared on a need-to-know basis with other members of the team using Microsoft Office365.
• The main email account (info@havencentre.org.uk) is backed up by an external third party, in addition to the automatic back-ups, which are version controlled and held securely in the cloud using Microsoft Office365.
• If there is a breach of security, due to a break in, or otherwise, the Chair of Trustees and Centre Manager will be informed immediately and will take appropriate steps to resolve the situation quickly. (See Information Security Incident Policy)