Information Security Policy
TM expects that third parties, including suppliers and distribution partners, maintain an Information Security Policy in an established and documented corporate process. The policy should include physical security, IT user access, data network, data loss prevention, systems access, user privileges, encryption, computer misuse awareness, unauthorised software, virus protection, personal computer security, internet and email security, data protection and information security management.
Business Continuity Plan
TM expects that third parties, including suppliers and distribution partners, maintain a Business Continuity Plan in an established and documented corporate policy. The policy should include defining, maintaining and testing recovery plans for critical business functions within all lines of business, internal support organisations and third-party vendors, so that those functions remain operational after a business interruption. TM encourages vendors to maintain a separate Disaster Recovery plan to cover uninterrupted operation of technology from a Disaster Recovery environment in the event of a major event affecting its office and/or hosting environments.
TM expects third parties including suppliers and distribution partners, with whom we work to:
- comply with relevant environmental legislation/regulation.
- continually improve performance by monitoring progress against targets and objectives on a regular basis.
- incorporate environmental factors into business decisions.
Code of Ethics
TM expects third parties including suppliers and distribution partners, with whom we work to comply with laws and regulation, adhere to ethical business practices, and observe our standard requirements concerning labour, health, safety, environmental protection.
Anti Slavery and Human Trafficking
TM does not tolerate slavery and human trafficking in our business or with any third party, including suppliers and distribution partners, with whom we work. Where there is evidence of failure to comply with this policy by a third party, we will take remedial actions, and in the worst-case scenario, terminate our relationship with the third party. TM will also consider whether we possess any evidence that may be reported to relevant authorities such as industry bodies, regulators, or law enforcement.