Quality and Compliance 

Environmental Compliance Enabler

Cellpak strives to lead by example in contributing towards a cleaner environment. For our own business, we monitor our use of energy and resources, we reuse and recycle wherever possible. To ensure our clients environmental compliance we have a number of procedures in place.

Our environmental input begins during the design process, using our own Environmental Impacts assessment process we make efforts to reduce excess material usage and try to eliminate excess space wherever possible. Once designs are finalised, during the packaging manufacture we use recycled and recyclable content wherever possible, using virgin materials only from sustainable sources such as FSC approved paper and board products. Within the manufacturing and delivery process we reduce our energy consumption and carbon footprint wherever possible.

ISO 9001 

We are fully ISO 9001 compliant and operate within a process driven, total quality management framework. By following the ISO standards, we have a strong integrated structure, which influences the service and operational solutions we offer. Our services are efficient and effective and under constant review thus helping reduce cost and environmental impact.

We strive to achieve quality beyond the ISO statutory obligations, with a focus on customer and employee care alongside supplier partnerships. We regard statutory requirements as the minimum level of acceptable performance and aim to exceed in all areas.

ISO 27001

At our organization, the commitment to excellence extends beyond ISO 9001 compliance to include ISO 27001, emphasising the robustness of our information security management system (ISMS). We operate within a process-driven framework, aligning our business operations with ISO 27001 standards. This integrated structure not only enhances our service and operational solutions but also bolsters the security of sensitive information. We continuously assess and refine our services to ensure efficiency, effectiveness, and security, ultimately contributing to cost reduction and minimizing our environmental impact.

Our dedication to ISO 27001 goes beyond mere statutory obligations. We prioritise customer satisfaction, employee well-being, and strong supplier partnerships in our pursuit of excellence. While we view statutory requirements as the baseline for performance, we set our sights higher, striving to excel in all aspects of information security. Our implementation of ISO 27001 is a testament to our unwavering commitment to safeguarding data, mitigating risks, and upholding the highest standards of information security throughout our operations.

Information Security Policy

1.0. Policy objective:

1.1. To protect the information assets that Cellpak Solutions handles, stores, exchanges, processes and has access to, and to ensure the ongoing maintenance of their confidentiality, integrity and availability.

1.2. To ensure controls are implemented that provide protection for information assets and are proportionate to their value and the threats to which they are exposed.

1.3. To ensure the organisation complies with all relevant legal, customer and other third-party requirements relating to information security.

1.4. To continually improve the organisation’s Information Security Management System (ISMS) and its ability to withstand threats that could potentially compromise information security.

2.0. Scope:

2.1. This policy and its sub-policies apply all people, processes, services, technology and assets detailed in the Scope.  It also applies to all employees or subcontractors of information security critical suppliers who access or process any of the organisation’s information assets.

3.0. Core policy:

3.1. The organisation believes that despite the presence of threats to the security of such information, most security incidents are preventable.

3.2. The organisation is committed to achieving the objectives detailed in the policy through the following means:

3.2.1. The implementation and maintenance of an ISMS that is independently certified as compliant with ISO 27001:2013.

3.2.2. The systematic identification of security threats and the application of a risk assessment procedure that will identify and implement appropriate control measures.

3.2.3. Regular monitoring of security threats and the testing/auditing of the effectiveness of control measures

3.2.4. The maintenance of a risk treatment plan that is focused on eliminating or reducing security threats;

3.2.5. The maintenance and regular testing of a Business Continuity Plan;

3.2.6. The clear definition of responsibilities for implementing the ISMS;

3.2.7. The provision of appropriate information, instruction and training so that all employees are aware of their responsibilities and legal duties, and can support the implementation of the ISMS;

3.2.8. The implementation and maintenance of the sub-policies detailed in this policy.

3.3. The appropriateness and effectiveness of this policy, and the means identified within it, for delivering the organisation’s commitments will be regularly reviewed by Top Management.

3.4. The implementation of this policy and the supporting sub-policies and procedures is fundamental to the success of the organisation’s business and must be supported by all employees and contractors who have an impact on information security as an integral part of their daily work.

3.5. All information security incidents must be reported to the Director.  Violations of this policy may be subject to the organisation’s Disciplinary and Appeals Policy and Procedure.

END OF DOCUMENT