Company Policies

Ekky Software has embarked on the long and continual process of standardisation. To this end we have adopted many of the ISO standards and have listed out on this page the company policies for each of those adopted standards. All efforts are made to adhere to these standards and if you have any questions or statements in regards to out compliance we would very much like to hear what you have say.

On This Page

Quaility Assurance Policy (2012)

Ekky Software is a relatively young company who has only just begun along a long path of ISO 9000 compliance. We do take the ideas, goals and policies within the standard seriously and have made a firm commitment to implement it within all our internal procedures.

The quality of our software is how we as a company are judged and to ensure that our customers are receiving a highest quality product that exceeds their expectations is the ultimate goal of the ISO journey. This is the extra software that we are named after.

To implement the ISO standard, we have formed a Quality Assurance Committee (QAC) and authorised the committee chair to have the power to implement changes throughout the company to ensure we achieve our quality objectives. The committee is also tasked with the responsibility of monitoring all feedback and drafting annual reports for the review of our company's board.

Back to Top

Risk Management Policy (2012)

Ekky Software has implemented Risk Management Systems throughout its business processes and is now embarking on the process of formalising its Risk Management with the ISO 31000 standard. The standard provides a framework that provides obvious benefits that were implemented before any motivations for ISO compliance.

The Software Industry is inherently project driven and each project has substantial risks involved. The process of identifying the risks and to start identifying plans for avoiding or mitigating those risks, starts at the creation of each business project.

With the formalisation of the ISO 31000 standard, we have forced each activity conducted within our business to list out all foreseeable risks, categorised those risks and to take any preventative actions as reasonability needed to prevent any adverse impacts. We have obligated all decision makes to consider the impacts of those risk in each and every decision and will make those decision makers accountable if a foreseeable risk was not handled correctly.

The Auditing & Oversight Committee (AOC) Chair is directly responsible for the implementation and maintenance of the Company's ISO 31000 compliance.

Back to Top

Information Security Management Policy (2012)

Ekky Software is essentially an IT company which at its heart is based on its Intellectual Property (IP). It is very important to all our stakeholders that the IP own by the company is properly secured. To enable a more transparent and reliable system we have committed to implementing the ISO 27000 family of standards.

We have already implemented a number of supporting ISO standards that will also provide a vital source of information and experience for implementing a formal process of Information Security.

To this end we have engaged the Information Security Committee (ISC) to have the responsibility of identifying, implementing preventive actions and monitoring the success or failure of those actions. The Committee Chair will be accountable for the investigating and responding to all known breaches of Information Security.

Back to Top

Occupational Health & Safety Policy (2012)

Ekky Software recognises the importance of it staff and takes their health and safety very seriously. To improve our internal processes for the protection of all people on our premises, we have made the commitment to implement the Occupational Health & Safety (OH&S) Australian Standard 4801. From this standard, we also recognise the legal requirements under the Work Health and Safety Act (NSW) 2011.

Within the realm of the 4801 standard, we have tasked the OH&S Committee (OHSC) with the responsibility of implementing the standard and making sure that all our processes have been considered with all the obligations origination from both the standard and legal sources.

Back to Top

Environmental Protection Policy (2012)

The Environment is very much an important area for society, however for an IT who is heavily dependent on digital documentation and has little material inputs or outputs. Although our use of materials is minimal, it is not totally nil. We do use ample amounts of electricity, waste large amounts of electrical equipment that often contain heavy metals and other environmental toxins.

We do take our corporate social and environmental responsibilities seriously and as such have committed to implementing the ISO 14000:2004 Environmental Management standards. To achieve this we have comprised and authorised the Environmental Protection Committee (EPC) to monitor our use of waste material and to improve our environmental footprint. The EPC Chair is responsible for implementing committee plains and to organise Meeting Reports for the Audit and Overview Committee (AOC).

Back to Top