Company Policies and Statements

Modified on Wed, 28 Jan at 4:33 PM

Background

Please find below links to a range of the published policy statements and standards for Personal Audit System Ltd (PAS Ltd). If you are looking for more specific details on our SaaS/Hosted offering (data centres etc), then please also refer to our Hosted/SaaS Security Questions and Technical Policies page.

Policy documents and articles are usually reviewed during an annual process in January although articles are updated as and when changes are made.

Risk Ledger

To ease the qualification of the suitability of Personal Audit Systems Ltd to meet your requirements, we contribute to Risk Ledger, which is is a collaborative platform for supplier due diligence that helps organisations simplify, visualise, and mitigate supply chain security risk. We would encourage you to review all the data on this page and available from our Risk Ledger profile before sending questionnaires - you should find everything you need. Click on this link to access the public view of the assessment.

General Company Policies

Document/Policy	Publication Date/Expiry Date
Acceptable Use Policy	27/01/2026
Access Management Policy	27/01/2026
Anti-Bribery Policy	27/01/2026
Anti-Money Laundering Policy	27/01/2026
Asset Management Policy	27/01/2026
Backup Policy	27/01/2026
Bring Your Own Device (BYOD) Policy	27/01/2026
Business Continuity Plan	23/01/2026
Business Code of Behaviour	27/01/2026
Change Management Policy	27/01/2026
Clean Desk Policy	27/01/2026
Computer Use	27/01/2026
Confidentiality and Non-Disclosure	27/01/2026
Configuration/Hardening Policy	27/01/2026
Cyber Essentials Certificate	23/01/2026 - 22/01/2027
Data Classification Policy	27/01/2026
Data Handling Policy	27/01/2026
Disposal of Sensitive Data	28/01/2026
Environmental Policy	28/01/2026
Equal Opportunities	28/01/2026
Equality, Diversity and Inclusion Policy	28/01/2026
Health & Safety Policy	28/01/2026
HR Security Policy	28/01/2026
Incident Handling and Data Breach	28/01/2026
Information Asset Register (IAR)	28/01/2026
Information Commission Officer (ICO) Certificate	22/02/2010 - 22/02/2026
Information Security Policy	28/01/2026
Leaver Checklist	28/01/2026
Modern Slavery Act Statement	28/01/2026
New Starter Checklist	28/01/2026
Penetration Test Summary	28/01/2026
Physical Security Policy	28/01/2026
Quality Policy	28/01/2026
Record of Processing Activities (RoPA)	28/01/2026
Risk Management Policy	28/01/2026
Software Development Life Cycle	28/01/2026
Software Risk Assessment	28/01/2026
Software Update and Patch Management	28/01/2026
Whistleblowing	28/01/2026
Wireless Security Policy	28/01/2026

GDPR Data Sharing Details

Data Sharing Document	Date Issued
Data Sharing for the locally installed (onsite) P11D Organiser	17/05/2018
Data sharing for the SaaS/Hosted P11D Organiser	17/05/2018

Support SLAs

Priority	Response Within
Urgent	1-4 Hrs
High	4-8 Hrs
Medium	1-5 Days
Low	2-30 Days

Development Standards

Document/Policy	Publication/Review Date
Software Development Life Cycle	03/12/2021
Secure Coding Best Practice	01/02/2021
C# Coding Standards	05/03/2015
VFP Coding Standards	05/03/2015

PAS Bank Details

Document	Review Date
Bank Details/Invoicing Details	21/01/2022
Bank Details/Invoicing Details (PDF)	08/07/2021

Terms & Conditions

Document	Review Date
T&Cs for the onsite P11D Organiser	06/12/2021
T&Cs for the hosted/SaaS P11D Organiser	06/12/2021

Insurance Policies

Details of the insurance policies that PAS Ltd hold can be found here.