Information Security

Tiger Supplies recognises that information security is a critical component of operational resilience, customer confidence and regulatory compliance. The business operates a structured, risk-based approach to information security designed to protect data confidentiality, integrity and availability across systems, people and processes.

 

Information security controls are embedded within day-to-day operations and reviewed at senior management level to ensure they remain effective as the business scales and technology evolves.

Information Security Governance

Information security at Tiger Supplies is governed through formal policies, documented procedures and defined responsibilities.

 

Senior management retains accountability for information security, supported by competent personnel responsible for implementation, monitoring and continuous improvement. Information security risks and controls are reviewed as part of wider business governance and operational planning.

 

Policies are reviewed regularly to ensure alignment with regulatory requirements, industry best practice and emerging threats.

Data Protection & Privacy

Tiger Supplies manages personal and commercial data in line with UK data protection legislation.

 

Controls are in place to ensure:

•  Data is collected and processed lawfully and transparently
•  Access to data is restricted to authorised personnel
•  Data is retained only for as long as necessary
•  Data is protected against unauthorised access, loss or misuse


Data handling responsibilities are clearly defined, and employees receive guidance and training appropriate to their roles.

Access Control & User Management

Access to systems and data is controlled through role-based permissions.

 

Key controls include:

•  Unique user accounts
•  Strong password policies
•  Restricted administrative access
•  Segregation of duties where appropriate
•  Timely removal of access when roles change or employment ends


These controls ensure users can only access the information and systems necessary to perform their role.

System Security & Infrastructure

Core business systems, including ERP and supporting platforms, are protected through layered security controls.

 

These include:

•  Secure hosting environments
•  Network firewalls and monitoring
•  Antivirus and endpoint protection
•  Regular software updates and patching
•  Secure configuration of systems and devices


System availability and performance are monitored to identify and respond to issues promptly.

Cyber Security Controls

Tiger Supplies operates defined cyber security controls to reduce the risk of unauthorised access, malware, ransomware and data breaches.

 

Measures include:

•  Managed endpoint protection across devices
•  Email filtering and anti-phishing controls
•  Secure remote access controls
•  User awareness training to reduce human risk
•  Incident response procedures for cyber events


Cyber security measures are reviewed and updated in response to evolving threat landscapes.

Incident Management & Response

Information security incidents are managed through a formal incident response process.

 

This includes:

•  Identification and containment of incidents
•  Investigation and root cause analysis
•  Remediation and corrective actions
•  Review of controls to prevent recurrence
•  Escalation to senior management where required


Incidents are logged and reviewed to support continuous improvement and accountability.

Backup, Recovery & Data Integrity

Tiger Supplies maintains secure data backup and recovery arrangements to protect against data loss, corruption or system failure.

 

Backups are:

•  Performed on a scheduled basis
•  Stored securely
•  Tested periodically to confirm recoverability


These controls support business continuity objectives and ensure data integrity is maintained.

Third-Party & Supplier Security

Information security risk extends beyond internal systems.

 

Tiger Supplies applies due diligence to third-party service providers who process or store data, ensuring appropriate security controls are in place. Contracts include obligations relating to data protection and information security where applicable.

 

Supplier security performance is reviewed as part of ongoing supplier management.

Training & Awareness

Employees receive information security awareness training appropriate to their role.

Training covers areas such as:

•  Password management
•  Phishing and social engineering awareness
•  Secure handling of data
•  Reporting of suspected security incidents


Training effectiveness is reviewed and refreshed periodically.

Monitoring, Review & Continuous Improvement

Information security controls are monitored through:

•  System and access reviews
•  Incident trend analysis
•  Policy reviews
•  Management oversight


Findings are used to strengthen controls, address emerging risks and ensure alignment with business and regulatory requirements.

In partnership with Zensec

Cyber Essentials Certification 

Commitment

Tiger Supplies is committed to protecting information assets and maintaining the trust of customers, suppliers and stakeholders. Information security is treated as a core operational discipline and is continuously reviewed to ensure it remains effective, proportionate and aligned with business growth.

!