QEDIS Policy for Pilotfish Networks AB

for Quality, Environmental Responsibility, Data Privacy & Information Security

Table of content

1. Background 3
1.1. Standard fulfillment 3
2. QEDIS policy 3
2.1. Quality 4
2.2. Environmental Responsibility 4
2.3. Data Privacy 5
2.4. Information Security 5

Revision history

Date Version Description Author
180306 A First version AR
180407 B General updates and clarifications TA
180418 C Re wording of ch.2.4 after ISO 27001 pre audit AR

1. Background

Pilotfish Networks AB supplies connectivity and cloud based services to public transport vehicles. Our core offering is based on the installation of a gateway that connects the vehicle network to Internet. Pilotfish technology is based on standards and IT-architecture from the organisation ITxPT.

The challenges within the domain of Intelligent Transportation Systems are great when different conditions and requirements are considered together in an industry characterized by long complex value chains and technology both into the vehicles and cloud services. Pilotfish provide good economics and profitability, rather than just delivering systems. Our clients trust lays in our long experience and thorough knowledge of the systems and clients in the industry.

Quality, Environmental Responsibility, Data Privacy and Information Security (QEDIS) are a concern of all staff and areas within Pilotfish Networks AB. The management board has overall responsibility for Quality, Environmental Responsibility, Data Privacy and Information Security within Pilotfish Networks  and thus also for the IMS. It decides on the acceptable level of risk and is committed to provide enough resources for the implementation and operation of the IMS and to support the continual operation of the IMS. To achieve this, all employees must be well-acquainted with the management system and be aware of the relevance and importance of how they contribute to achieving business goals and improving the management system.

Each employee has the right as well as the duty to point out privacy and security related events and as well as improvement potentials for QEDIS to the management. On negligent and deliberate violation of policies and procedures will be reacted appropriately.

1.1. Standard fulfillment

The risk management methodology and the criteria for risk assessment follow the guidelines of the international standard ISO 31000:2009. For the risk management are – in addition to the criteria levels for confidentiality, availability and integrity – all applicable legal and contractual requirements defined as security objectives.

By the means of regular audits and certifications or re-certifications of the IMS will the compliance to the QEDIS policy and the requirements of the international standards ISO 9001:2015, ISO 14001:2015 and ISO/IEC 27001:2013 be proven to meet the expectations and the trust of our customers at any time. To deviations from the standards requirements will be responded appropriately.

2. QEDIS policy

With the release of this QEDIS Policy by the management of Pilotfish Networks AB the IMS is put into operation. The processes and policy specifications of the IMS are mandatory for all concerned, as defined in the Scope Statement.

The operation will continuously be assessed, monitored and improved. The operation will exceed legal and customer requirements.

2.1. Quality

Pilotfish creates long-term values for its customers by a delivery based on Pilotfish Core Values.

Reliable

  • Our systems are technically and operationally stable. Uptime is high and our customers can trust our employees and our organisation.
  • We are a part of an important value chain and our link is reliable and stable.

Innovative

  • We aim to be innovative, not only today but also in the long run.
  • We invest in innovation in order to best supply our customers.

Open

  • We are open in our communication with our partners and customers in order to offer the best technology and standards.
  • We base our offering on open technologies and standards.

We deliver complex services and products that fits for consistent operation and we have a long-term commitment to delivering high quality. Through cross-functional improvement work, the quality of our products and the efficiency of our processes are enhanced. A high level of service quality is the foundation of Pilotfish competitiveness and success and it makes our customers efficient and attractive.

2.2. Environmental Responsibility

Contributing to a positive environmental impact is a key part of Pilotfish business concept and work, not least because we work in the public transport market which is an environmental promoting industry leading to less pollution and other environmental effects.

We are making public transport more efficient and attractive by the help of supporting IT systems , digitizing this industry. Bus Maintenance enables bus monitoring and its IT systems with reduced number of canceled trips, reduced need for extra buses and proactive maintenance as a result. By offering an open IT infrastructure the total need for hardware on board the bus is reduced and Fuel Economy means a directly measurable reduced fuel consumption and reduced amount of emissions for our customers. Our main contribution to sustainable development is, therefore, that as many people as possible use our services.

Our services are the foundation of our environmental work but we also aim to reduce environmental impact by, for example, travel using public transportation and sort waste. By continuously setting up, working towards and following up relevant environmental goals and complying with applicable laws and requirements we strive to reduce our overall environmental impact.

2.3. Data Privacy

As within Intelligent Transportation Systems a lot of data regarding travel routes and times of private persons is gathered besides the technical data generated by the vehicle, the appropriate protection of Personally Identifiable Information (PII) within the business processes and products of Pilotfish Networks AB is a core objective for us and our clients.

2.4. Information Security

We deliver complex services and products that are used in consistent operation and we have a long-term commitment to delivering secure products and resilient services. Within Intelligent Transportation Systems a lot of data is generated, processed and stored for our customers, so it is natural to us to implement security measures to protect sensitive information within the business processes and products. We keep our personnel aware of their contribution to information security and keeping our systems and products safe from cyber threats.

Leave a Comment