DigiPlex operates within a Total Quality framework.  The framework establishes an integrated structure which shapes the development of business strategy, facility design, service definition and operational procedures.  DigiPlex Data Centres’ services and procedures are fit for purpose, ensure uptime, and the health and safety of all those involved.  The result is an efficient and effective operation leading to a reduction in customer expense because services and processes work first time and work continuously.

Our approach to quality is comprehensive, taking in:

•    Customer focus
•    Employee development
•    Supplier partnerships, and
•    Public responsibilities.

In all areas, DigiPlex aims to be ranked with industry leaders.  Where statutory requirements exist, these are regarded as the minimum level of acceptable performance to be exceeded.  In our view, this approach is simply good business practice.

The internationally recognised standards with which DigiPlex is compliant include :

BS EN ISO 9001:2008
DigiPlex is committed to Quality and is a firm registered to BS EN ISO 9001:2008.  This standard is used to regulate an organisation's quality systems and procedures.

DigiPlex is committed to compliance with this standard through investment in people, plant, equipment, management processes and ongoing training.

ISO/IEC 27002:2005
This Code of Practice focuses on information security management.  It recognises that information is a vital business asset.  Consequently, all information and the associated management processes, systems and networks, requires appropriate protection.

The Code of Practice is aimed primarily at end-user (customer)  organisations, though some elements of it extend to the services provided by third parties and specifically outsource partners.  DigiPlex recognises the obligation to support its customers in achieving compliance in all relevant areas.  The following paragraphs refer to those sections of the standard Code of Practice that apply and summarise the DigiPlex response.

IEC 27002:2005 Code of Practice
Section 6.1.4 Authorisation process for information processing facilities
All information processing facilities must operate in ways that are consistent with customer security policies and have appropriate controls in place.  DigiPlex works with each customer to ensure that systems, processes and procedures are tailored to meet all such needs.

Section 6.1.5 Confidentiality agreements
Confidentiality and non-disclosure agreements form a standard part of the DigiPlex operating principles and are included in contract documentation.

Section 6.2.1 Identification of risks related to external parties
DigiPlex will participate in and support customer risk assessment procedures, working in tandem to ensure appropriate controls are put in place.  DigiPlex’s own established policies and procedures facilitate this process.

Section 6.2.3 Addressing security in third party agreements
Facilities and day-to-day operational services at the Oslo Centre have been designed with the specific intent of addressing the risks, security controls and procedures that customers need to consider for the protection of their information systems and networks.

Section 9 Physical and environmental security
The Centre’s physical security strategy creates five concentric security zones, each of which must be passed to access a secure customer area.  Site grounds and car parks are well lit and are enclosed by high-security fences and security entry gates.  The grounds and fences are under constant CCTV surveillance.  Through these measures, combined with the demanding specification of the Centre's services and systems, DigiPlex provides a high level of security for customers' environments as a standard feature of its service provision.  

Section 10.2 Third party service delivery management
DigiPlex provides complete clarity, through contract documents and related policy statements, regarding responsibilities and procedures for the management and operation of facilities and the delivery of services.  When required, extra controls are defined and implemented to meet specific customer requirements.

Section 11 Access control
Access to the Centre is controlled via a multi-layered security system, including, for example, voice intercom, proximity card reader and PIN code keypads.  Secure customer modules are monitored via CCTV surveillance at different stages, including both entry and exit sides of the access doors.  These doors are highly protected using a range of systems, for example, proximity card readers, PIN code keypads and a manually-selectable intruder alarm.  Additional security measures can be developed and implemented if required to meet specific customer requests.

Section 13 Information security incident management
DigiPlex has in place well defined procedures for reporting any incident that might have an impact on the security of customer assets.  DigiPlex staff are trained in the application of these procedures and are also made aware, as a part of their induction process, of the disciplinary process that applies to any breach of responsibilities.

Section 14 Business continuity management
DigiPlex has well-defined business continuity procedures in place as part of core operating equipment and practice.  These are designed to counteract interruptions to business activities and to protect customers' critical business processes from the effects of utility power failure or major incident.

Section 15 Compliance
DigiPlex is committed to operating in full compliance with all legal, regulatory and contractual obligations.  Defined polices require comprehensive record keeping and regular performance audits at the Centre.  DigiPlex is committed to cooperating with customers own compliance procedures.

DigiPlex is confident that the services provided at its Data Centres are appropriate for customers' needs with regard to compliance with ISO/IEC 27002:2005.  At all times we endeavour to support customers in achieving compliance.  We are committed to best practice in the services we provide.

ISO 14001:2004
ISO 14001:2004 specifies the requirements for an Environmental Management System (EMS) to be put in place.   THE EMS ensures that the organisation develops and implements a policy and objectives focused on both the legal requirements and environmental issues relevant to the organisation.

DigiPlex is concerned to achieve sound environmental performance by monitoring and controlling the impacts of its activities on both the local and the wider environment.  Accordingly, sound environmental principles are incorporated in all of our operational policies and procedures, notably our approach to sourcing, to using power and water, to product and services procurement strategies, and to the management of waste, including recycling.

BS 25999-1:2006
BS 25999 is the British Standard for business continuity management systems (there is as yet no comparable ISO standard).  BS 25999 consists of two parts, a code of practice and the standard itself, and is designed to underpin continuity of operations following a disruption, whether due to a major disaster or a minor incident.  It encompasses a comprehensive set of requirements based on best practice and covers the continuity management lifecycle, from planning through testing to ongoing revision to ensure readiness.

Operational continuity is critical at DigiPlex, and tailored systems and procedures are in place throughout our business, facilities and sites.  These are fully in line with best practice guidance.