Security Policy

My Church Management (MCM)
Owned and Operated by Outsourced Professional Directors (OPD) Limited

1. Introduction

At My Church Management (MCM), we prioritise the security of our clients’, partners’, and employees’ information. This Security Policy outlines the measures we implement to protect our digital and physical assets, ensuring the confidentiality, integrity, and availability of data.

MCM is owned and operated by Outsourced Professional Directors (OPD) Limited, with our main office located at:
Ability House, 121 Brooker Road, Waltham Abbey, EN9 1JH, England
For enquiries, please contact us:
Email: info@mychurchmanagement.com
Tel: +44 208 145 3355
Website: https://mychurchmanagement.com

2. Purpose

This policy aims to:

• Protect MCM’s information assets against unauthorised access, disclosure, alteration, or destruction.

• Ensure compliance with legal, regulatory, and contractual security obligations.

• Promote a culture of security awareness among employees and contractors.

3. Scope

This policy applies to all MCM employees, contractors, volunteers, and third parties who have access to our information systems and data.

4. Information Security Principles

MYCM adheres to the following principles:

• Confidentiality: Information is accessible only to authorised individuals.

• Integrity: Information is accurate, complete, and protected against unauthorised modification.

• Availability: Information and systems are accessible to authorised users when needed.

5. Security Measures

5.1 Physical Security

• Controlled access to MCM offices and secure storage for physical documents.

• Visitor access is logged and monitored.

5.2 Technical Security

• Use of firewalls, antivirus software, and intrusion detection systems to protect the IT infrastructure.

• Regular software updates and patch management to mitigate vulnerabilities.

• Strong password policies and multi-factor authentication for system access.

• Data encryption in transit and at rest, where applicable.

5.3 Access Control

• Access rights are granted on a need-to-know basis and regularly reviewed.

• Immediate revocation of access upon termination or change in role.

5.4 Incident Management

• Procedures for detecting, reporting, and responding to security incidents promptly.

• All incidents are logged, investigated, and corrective actions implemented.

5.5 Staff Training and Awareness

• Regular security awareness training for all employees and contractors.

• Clear guidelines on acceptable use of IT resources.

6. Data Protection

Security controls complement our Data Protection Policy, ensuring personal and sensitive data is handled securely in line with legal requirements.

7. Third-Party Security

MCM ensures that third-party providers and partners comply with appropriate security standards before granting access to any MCM systems or data.

8. Policy Compliance

Failure to comply with this policy may result in disciplinary action, up to and including termination of employment or contracts.

9. Review and Updates

This Security Policy is reviewed annually or in response to significant changes to ensure continued effectiveness.

10. Contact

For questions or to report a security concern, please contact:

My Church Management (MCM)
Ability House, 121 Brooker Road, Waltham Abbey, EN9 1JH, England
Email: info@mychurchmanagement.com
Tel: +44 208 145 3355
Website: https://mychurchmanagement.com

Last Updated: July 2025
© My Church Management (MCM) | A service of Outsourced Professional Directors(OPD) Limited