Security and Compliance frequently asked questions
Cant find the answer you need? Contact TIMG →
TIMG OPERATIONAL COMPLIANCE
| TIMG’s operations are certified to be compliant with the highest Australian and International records management standards.
What ISO accreditation does TIMG have?
- We are ISO27001 ISM (Information Technology) compliant and as such, we have established an information security management system and apply a risk management process that can be scaled as necessary. This accreditation also encourages us to adopt a holistic approach to information security: vetting people, policies and technology. An information security management system implemented according to this standard is a tool for risk management, cyber-resilience and operational excellence.
- We are ISO 9001 QMS (Quality Management) compliant. This standard defines the concepts and principles from which approaches to creating, capturing and managing records are developed. This part of ISO 15489 describes concepts and principles relating to managing documents, metadata for records and records systems. It also talks to creating policies, assigned responsibilities, monitoring and training supporting the effective management of records and records controls.
- We are ISO14001 EMS (Environmental Management Systems) compliant. This Standard specifies the requirements for an environmental management system that an organisation like TIMG can use to enhance its environmental performance and management. We take our environmental responsibilities seriously and use this Standard to address this systematically, contributing to the environmental pillar of sustainability. To learn more about our Corporate Responsibility undertakings click here.
- We are AS/NZS ISO 45001 compliant. The safety and well-being of our staff is of paramount importance to us. ISO 45001:2018 specifies requirements for an occupational health and safety (OH&S) management system. It gives guidance for its use to enable organizations to provide safe and healthy workplaces by preventing work-related injury and ill health and proactively improving its OH&S performance
You can view all the TIMG Compliances here.
TIMG SECURE STORAGE FACILITIES
| Our facilities are strategically located in areas that meet our clients’ Disaster Recovery requirements and are purposely unbranded to remain discreet. State-of-the-art security and intrusion protection systems are also in play, including an extensive network of live security and monitoring cameras, motion detectors and seismic sensors.
Are your storage facilities PCI-DSS (Payment Card Industry Data Security Standard) compliant?
Yes, we are PCI DSS (Payment Card Industry Data Security Standard) compliant for the physical storage of cardholder data. This Standard is an information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.
What have you got in place to protect my records from flood and disaster?
Apart from our continuous CCTV surveillance and environmental monitoring, all of our facilities are situated away from flood prone areas and are not near or adjacent to railway lines, high voltage electricity transmission lines or magnetic fields. Our storage environments feature engineer-designed, high-level fire alarm systems incorporating VESDA (Very Early Smoke Detection and Alarm) and Gas Suppression, connected directly to the Fire Brigade for early warning and immediate response.
We hold confidential client information and are looking for a secure locked storage option. Is this something you offer?
We have secure data vault storage options at all of our facilities. We do provide exclusive “client only” secure storage areas for high-value and confidential items. All of our vaults are reinforced concrete bunkers protected by VESDA (Very Early Smoke Detection Apparatus) and FM200 Gas Fire Suppression systems. They are humidity and climate controlled specifically for storing digital and magnetic media. They regularly undergo DR (Disaster Recovery) and BCP (Business Continuity Planning) testing as part of our annual ISO Certification process. We do not store hazardous materials in or near our secure storage areas.
TIMG PERSONNEL – SECURITY CLEARANCE
Are your staff Police checked?
At TIMG, our service personnel have all been Federal police-checked before the commencement of employment. We do not engage sub-contracted couriers in the execution of agreed services. The TIMG People and Culture team conducts thorough reference checks both in relation to employment history and character. Everyone is required by company policy to sign and execute Confidentiality Deeds when their employment contracts are executed.
What security training do your staff undertake?
All staff are trained in correct document procedures for handling sensitive information. While performing services for clients, TIMG employees may be exposed to confidential or commercially sensitive information. TIMG will treat all information as confidential and will not disclose this information to any other party unless required by law.
Do your staff have Baseline Clearance?
All TIMG staff are vetted and checked by the Australian Federal Police, with a large cross-section of TIMG staff having attained Baseline, Negative Vetting Level 1 clearance.