The International Federation of Red Cross and Red Crescent Societies (IFRC) uses the information it receives and handles in a number of different ways. Our reputation, and the effectiveness and efficiency of what we do, can be put at considerable risk if users – i.e. staff, contractors and third party suppliers authorised to access, handle or use IFRC information – fail to maintain proper standards and controls in the way they manage information security.

This Policy sets out what users should and should not do, to:

• Implement adequate information security controls
• Ensure that the use of ICT resources is effective, efficient, and consistent with the Fundamental Principles of the International Red Cross and Red Crescent Movement