Company Policies and Statements

Modified on Tue, 29 Oct at 9:26 AM

Background

Please find below links to a range of the published policy statements and standards for Personal Audit System Ltd (PAS Ltd). If you are looking for more specific details on our SaaS/Hosted offering (data centres etc), then please also refer to our Hosted/SaaS Security Questions and Technical Policies page.

Policy documents and articles are usually reviewed during an annual process in August, although articles are updated as and when changes are made.

Risk Ledger

To ease the qualification of the suitability of PAS Ltd to meet your requirements, we contribute to Risk Ledger, which is is a collaborative platform for supplier due diligence that helps organisations simplify, visualise, and mitigate supply chain security risk. We would encourage you to review all the data on this page and available from our Risk Ledger profile before sending questionnaires - you should find everything you need. We will happily share the assessment and link with your company should you so desire.

General Company Policies

Document/Policy	Publication Date/Expiry Date
Acceptable Use Policy	13/08/2024
Access Management Policy	13/08/2024
Anti-Bribery Policy	13/08/2024
Asset Management Policy	13/08/2024
Backup Policy	13/08/2024
Bring Your Own Device (BYOD) Policy	13/08/2024
Business Continuity Plan	13/08/2024
Business Code of Behaviour	13/08/2024
Change Management Policy	13/08/2024
Clean Desk Policy	21/10/2024
Computer Use	12/08/2024
Confidentiality and Non-Disclosure	24/09/2024
Configuration/Hardening Policy	13/08/2024
Cyber Essentials Certificate	26/01/2025
Data Classification Policy	10/08/2024
Data Handling Policy	13/08/2024
Disposal of Sensitive Data	13/08/2024
Environmental Policy	13/08/2024
Equal Opportunities	11/08/2024
Health & Safety Policy	13/08/2024
HR Security Policy	13/08/2024
Incident Handling and Data Breach	13/08/2024
Information Asset Register (IAR)	16/08/2024
Information Commission Officer (ICO) Certificate	22/02/2010 - 22/02/2025
Information Security Policy	13/08/2024
Leaver Checklist	13/08/2024
Modern Slavery Act Statement	13/08/2024
New Starter Checklist	10/08/2024
Penetration Test Summary	09/03/2024
Physical Security Policy	16/08/2024
Quality Policy	13/08/2024
Record of Processing Activities (RoPA)	16/08/2024
Risk Management Policy	13/08/2024
Software Development Life Cycle	14/08/2024
Software Risk Assessment	13/08/2024
Software Update and Patch Management	15/08/2024
Whistleblowing	13/08/2024
Wireless Security Policy	10/08/2024

GDPR Data Sharing Details

Data Sharing Document	Date Issued
Data Sharing for the locally installed (onsite) P11D Organiser	17/05/2018
Data sharing for the SaaS/Hosted P11D Organiser	17/05/2018

Support SLAs

Priority	Response Within
Urgent	1-4 Hrs
High	4-8 Hrs
Medium	1-5 Days
Low	2-30 Days

Development Standards

Document/Policy	Publication/Review Date
Software Development Life Cycle	03/12/2021
Secure Coding Best Practice	01/02/2021
C# Coding Standards	05/03/2015
VFP Coding Standards	05/03/2015

PAS Bank Details

Document	Review Date
Bank Details/Invoicing Details	21/01/2022
Bank Details/Invoicing Details (PDF)	08/07/2021

Terms & Conditions

Document	Review Date
T&Cs for the onsite P11D Organiser	06/12/2021
T&Cs for the hosted/SaaS P11D Organiser	06/12/2021

Insurance Policies

Details of the insurance policies that PAS Ltd hold can be found here.