Policies

Quality & Security Policy

Elisian Ltd  ·  Company No. 10276624  ·  Last reviewed: June 2026

Our commitment

Elisian Ltd is committed to delivering high-quality software and services to clients across the energy sector, and to maintaining the confidentiality, integrity, and availability of all information we hold. This policy sets out the principles that underpin our approach to quality management and information security.

This policy applies to all Elisian employees, contractors, and third parties who access Elisian systems or handle Elisian information.

Quality management

Elisian operates a Quality Management System (QMS) certified to ISO 9001:2015. Our quality objectives are to:

  • Consistently meet or exceed client expectations in the delivery of our software and services
  • Continually improve our processes, products, and services through regular review and measurement
  • Ensure our team has the skills, training, and resources required to perform their roles to a high standard
  • Respond promptly and effectively to client feedback and complaints
  • Maintain compliance with all applicable legal and regulatory requirements

Information security

Elisian operates an Information Security Management System (ISMS) certified to ISO/IEC 27001:2022. Our information security objectives are to:

  • Protect the confidentiality, integrity, and availability of client and company information
  • Identify and manage information security risks in a systematic and proportionate manner
  • Ensure all personnel understand their information security responsibilities
  • Respond to security incidents effectively and minimise their impact
  • Maintain compliance with applicable data protection legislation, including UK GDPR

Cyber Essentials & NIST 800-53

In addition to our ISO certifications, Elisian holds Cyber Essentials certification and aligns our security controls with the NIST SP 800-53 framework. This ensures our technical security posture meets recognised industry standards for protecting information systems.

Responsibilities

The senior leadership team is responsible for establishing, maintaining, and communicating this policy. All employees are responsible for adhering to it. The policy is reviewed at least annually and updated following any significant changes to our operations, technology, or risk environment.

Contact

Questions regarding this policy should be directed to hello@elisian.co.uk.