img

Security Policy

ACQP Training Centre – Security Policy

1. Purpose

The purpose of this Security Policy is to define the measures, responsibilities, and controls in place to protect people, property, information, and systems at the ACQP Training Centre. This policy supports the integrity of training delivery, examinations, certification processes, and the protection of personal and commercially sensitive data.

2. Scope

This policy applies to:

  • All ACQP Training Centre premises and facilities

  • All staff, contractors, trainers, invigilators, volunteers, and visitors

  • Learners attending courses, examinations, or events

  • All physical and digital assets, including IT systems, examination platforms, and records

3. Policy Objectives

The objectives of this policy are to:

  • Ensure a safe and secure environment for learners, staff, and visitors

  • Protect confidential and personal data in line with UK data protection legislation

  • Prevent unauthorised access to facilities, systems, and examinations

  • Maintain the integrity of the ACQP training, assessment, and certification

  • Provide clear procedures for incident reporting and response

4. Roles and Responsibilities

4.1 ACQP Management

  • Overall responsibility for security governance

  • Ensure adequate resources and controls are in place

  • Approve and review this policy annually or following a security incident

4.2 Training Centre Manager

  • Day-to-day implementation of security controls

  • Ensuring staff compliance with this policy

  • Liaison with landlords, security providers, and emergency services

4.3 Staff, Trainers & Invigilators

  • Comply with this policy at all times

  • Challenge unauthorised access or suspicious behaviour

  • Protect login credentials, examination materials, and learner data

  • Report security incidents immediately

4.4 Learners & Visitors

  • Comply with site security procedures

  • Wear identification where required

  • Not attempt to access restricted areas or systems

5. Physical Security

5.1 Access Control

  • Training Centre access is restricted to authorised personnel and registered learners

  • Visitors must sign in and be supervised at all times

  • Identification may be required for examinations and controlled sessions

5.2 Premises Security

  • Doors and windows must be secured outside of operating hours

  • Alarm systems (where installed) must be activated when the premises are unattended

  • Keys, fobs, and access codes must not be shared

5.3 CCTV (where applicable)

  • CCTV is used for safety and security purposes only

  • Footage is retained in line with data protection requirements

  • Access to recordings is restricted to authorised persons

6. Information & Data Security

6.1 Data Protection

  • Personal data is processed in accordance with UK GDPR and the Data Protection Act 2018

  • Only data necessary for training, assessment, and certification is collected

  • Data is stored securely and retained only for defined periods

6.2 IT & Systems Security

  • Secure passwords must be used for all systems and portals

  • Multi-factor authentication is used where available

  • Systems must not be accessed using shared or unsecured devices

  • Software and systems must be kept up to date

6.3 Examination & Assessment Security

  • Examination content is confidential and restricted to authorised users

  • Online examination portals include identity verification and audit controls

  • Any attempt to compromise exam integrity may result in removal, invalidation of results, or disciplinary action

7. Operational Security

7.1 Clear Desk & Clear Screen

  • Sensitive documents must not be left unattended

  • Screens should be locked when workstations are unattended

7.2 Portable Devices & Media

  • USB devices and portable media should be avoided unless authorised

  • Any loss or theft of devices must be reported immediately

8. Health, Safety & Emergency Security

  • Emergency exits must remain unobstructed at all times

  • Fire safety procedures must be followed

  • Suspicious items or behaviour must be reported immediately

  • Evacuation and lockdown procedures must be followed as instructed

9. Incident Management & Reporting

  • All security incidents, near misses, or breaches must be reported to the Training Centre Manager

  • Incidents will be investigated and recorded

  • Corrective actions will be implemented to prevent recurrence

10. Disciplinary Action

Failure to comply with this Security Policy may result in:

  • Removal from the premises

  • Suspension or termination of access

  • Disciplinary action in line with ACQP procedures

  • Reporting to relevant authorities where required

11. Policy Review

This policy will be reviewed:

  • Annually

  • Following any significant security incident

  • Following changes to legislation, systems, or operational practices

12. Approval

This Security Policy is approved by ACQP Management and is effective from the date of issue.

We use essential and functional cookies to ensure secure access, maintain exam integrity, and improve website performance. No advertising cookies are used. learn more

Allow