Security Policy

My Charity Management (MYCM)
Owned and Operated by Outsourced Professional Directors Limited

1. Introduction

At My Charity Management (MYCM), we prioritise the security of our clients’, partners’, and employees’ information. This Security Policy outlines the measures we implement to protect our digital and physical assets, ensuring the confidentiality, integrity, and availability of data.

MYCM is owned and operated by Outsourced Professional Directors Limited, with our main office located at:
Ability House, 121 Brooker Road, Waltham Abbey, EN9 1JH, England
For enquiries, please contact us:
Email: info@mycharitymanagement.com
Tel: +44 208 145 3355
Website: https://mycharitymanagement.com

2. Purpose

This policy aims to:

  • Protect MYCM’s information assets against unauthorised access, disclosure, alteration, or destruction.

  • Ensure compliance with legal, regulatory, and contractual security obligations.

  • Promote a culture of security awareness among employees and contractors.

3. Scope

This policy applies to all MYCM employees, contractors, volunteers, and third parties who have access to our information systems and data.

4. Information Security Principles

MYCM adheres to the following principles:

  • Confidentiality: Information is accessible only to authorised individuals.

  • Integrity: Information is accurate, complete, and protected against unauthorised modification.

  • Availability: Information and systems are accessible to authorised users when needed.

5. Security Measures

5.1 Physical Security

  • Controlled access to MYCM offices and secure storage for physical documents.

  • Visitor access is logged and monitored.

5.2 Technical Security

  • Use of firewalls, antivirus software, and intrusion detection systems to protect IT infrastructure.

  • Regular software updates and patch management to mitigate vulnerabilities.

  • Strong password policies and multi-factor authentication for system access.

  • Data encryption in transit and at rest, where applicable.

5.3 Access Control

  • Access rights are granted on a need-to-know basis and regularly reviewed.

  • Immediate revocation of access upon termination or change in role.

5.4 Incident Management

  • Procedures for detecting, reporting, and responding to security incidents promptly.

  • All incidents are logged, investigated, and corrective actions implemented.

5.5 Staff Training and Awareness

  • Regular security awareness training for all employees and contractors.

  • Clear guidelines on acceptable use of IT resources.

6. Data Protection

Security controls complement our Data Protection Policy, ensuring personal and sensitive data is handled securely in line with legal requirements.

7. Third-Party Security

MYCM ensures that third-party providers and partners comply with appropriate security standards before granting access to any MYCM systems or data.

8. Policy Compliance

Failure to comply with this policy may result in disciplinary action, up to and including termination of employment or contracts.

9. Review and Updates

This Security Policy is reviewed annually or in response to significant changes to ensure continued effectiveness.

10. Contact

For questions or to report a security concern, please contact:

My Charity Management (MYCM)
Ability House, 121 Brooker Road, Waltham Abbey, EN9 1JH, England
Email: info@mycharitymanagement.com
Tel: +44 208 145 3355
Website: https://mycharitymanagement.com

Last Updated: July 2025
© My Charity Management (MYCM) | A service of Outsourced Professional Directors Limited