ISMS committee is responsible for r

ISMS committee is responsible for reviewing the information security related policies and procedures that comprise the ISMS, monitoring compliance with the ISMS, reviewing incidents and recommending actions where necessary to strengthen information security controls. The Director chairs the group and it is clerked by the Information Security Officer. Its membership will include representatives of all of the senior stakeholders with responsibilities for information security as set out in the Terms of Reference for the committee. Where appropriate, the group will arrange training for lead officers responsible for investigating information security incidents.

The Chair of the ISMS committee will make an annual report to the Risk Management Strategy Group on compliance with the ISMS, recommending any actions needed to address risks and issues, for inclusion in the Audit and Risk Committee's annual report on risk management control to Court. The Chair is responsible for escalating major risks arising from a breach of information security, or other major issues that affect strategic and operational risks, promptly to the Risk Management Strategy Group and the Managing Director. The Chair will report as necessary to the Board and the Information Strategy Group as part of a wider communications strategy to promote a culture of responsible information security management across the Company.

The Managing Director is also responsible for meeting any reporting requirements of external regulatory bodies.