{"id":904,"date":"2024-04-23T10:49:23","date_gmt":"2024-04-23T10:49:23","guid":{"rendered":"https:\/\/involvedengagement.co.uk\/?page_id=904"},"modified":"2024-05-08T09:51:54","modified_gmt":"2024-05-08T09:51:54","slug":"information-security-policy","status":"publish","type":"page","link":"https:\/\/involvedengagement.co.uk\/index.php\/information-security-policy\/","title":{"rendered":"Information Security Policy"},"content":{"rendered":"<!--themify_builder_content-->\n<div id=\"themify_builder_content-904\" data-postid=\"904\" class=\"themify_builder_content themify_builder_content-904 themify_builder tf_clear\">\n                    <div  data-lazy=\"1\" class=\"module_row themify_builder_row tb_cpgb581 tb_first tf_w\">\n                        <div class=\"row_inner col_align_top tb_col_count_1 tf_box tf_rel\">\n                        <div  data-lazy=\"1\" class=\"module_column tb-column col-full tb_42g2583 first\">\n                    <!-- module plain text -->\n<div  class=\"module module-plain-text tb_ha3y677 \" data-lazy=\"1\">\n        <div class=\"tb_text_wrap\">\n    <html>\n  <head>\n    <style>\n      p,\n      ul,\n      li {\n        color: black;\n        padding-top: 20px;\n        padding-bottom: 5px;\n        font-size: 16px;\n      }\n    <\/style>\n  <body>\n    <h2><strong>Information Security Policy<\/strong><\/h2>\n\n    <p><strong>PURPOSE<\/strong><\/p>\n    <p>\n      This high-level Information Security Policy sits alongside the\n      &ldquo;Information Risk Management Policy&rdquo; and &ldquo;Data\n      Protection Policy&rdquo;. This Policy provides a high-level outline of,\n      and justification for, the Company&rsquo;s risk-based information security\n      controls.\n    <\/p>\n\n    <p><strong>LEGAL BASIS<\/strong><\/p>\n    <p>\n      Information that is collected, analysed, stored, communicated and reported\n      upon may be subject to theft, misuse, loss and corruption.\n    <\/p>\n    <p>\n      Information may be put at risk by reduced awareness and\/or training, and\n      the breach of security controls.\n    <\/p>\n    <p>\n      Information security incidents can give rise to embarrassment, financial\n      loss, non-compliance with standards and legislation, as well as possible\n      judgements being made against the Company.\n    <\/p>\n\n    <p><strong>OBJECTIVES<\/strong><\/p>\n    <p>\n      Our Company&rsquo;s security objectives are key to improving\n      Employees\/Users awareness and knowledge of security best practices.\n    <\/p>\n    <p>We focus on:<\/p>\n    <ul>\n      <li>\n        information risks being identified, managed and treated according to a\n        fixed risk tolerance;\n      <\/li>\n      <li>\n        authorised Employees\/Users&rsquo; access and share information securely\n        in order to perform their duties and roles;\n      <\/li>\n      <li>\n        physical, procedural and technical controls are balanced with\n        Employee\/User experience and security;\n      <\/li>\n      <li>\n        contractual and legal obligations relating to information security being\n        met at all times;\n      <\/li>\n      <li>\n        all business and administrative activities always consider information\n        security matters;\n      <\/li>\n      <li>\n        individuals accessing information are aware of their information\n        security responsibilities;\n      <\/li>\n      <li>\n        incidents affecting information assets are quickly and effectively\n        resolved and work as a motive to improve our security controls.\n      <\/li>\n    <\/ul>\n\n    <p><strong>SCOPE<\/strong><\/p>\n    <p>\n      The Information Security Policy and its supporting controls, processes and\n      procedures apply to all information used and processed by the Company, in\n      all formats. This includes information processed by other organisations in\n      their dealings with the Company.\n    <\/p>\n    <p>\n      The Information Security Policy and its supporting controls, processes and\n      procedures apply to all individuals who have access to the Company&rsquo;s\n      information, technologies and apps, including external parties that\n      provide information processing services to the Company.\n    <\/p>\n\n    <p><strong>COMPLIANCE MONITORING<\/strong><\/p>\n    <p>\n      Compliance with the controls in this Policy shall be monitored by the\n      Information Security Team, and reported to the Information Security\n      Officer.\n    <\/p>\n\n    <p><strong>REVIEW<\/strong><\/p>\n    <p>\n      A review of this Policy is undertaken by the Company&rsquo;s Legal Team on\n      an annual basis or more frequently if required.\n    <\/p>\n\n    <p><strong>POLICY STATEMENT<\/strong><\/p>\n    <p>\n      It is the Company&rsquo;s policy to ensure that information is protected\n      from a loss of:\n    <\/p>\n    <ol type=\"a\">\n      <li>\n        <strong>Confidentiality:<\/strong> information will be lawfully\n        accessible only to authorised individuals.\n      <\/li>\n      <li>\n        <strong>Integrity:<\/strong> the accuracy and completeness of information\n        will be maintained.\n      <\/li>\n      <li>\n        <strong>Availability:<\/strong> information will be accessible to\n        authorised Employees\/Users and processed only as required by law or\n        lawful purpose.\n      <\/li>\n    <\/ol>\n    <p>\n      The Company will implement an Information Security Management System based\n      on certified standards as required by law. The Company shall be mindful of\n      the approaches adopted by its stakeholders, including third partners.\n    <\/p>\n\n    <p>\n      <strong\n        >The Company adopts a risk-based approach to the application of the\n        following controls:<\/strong\n      >\n    <\/p>\n\n    <ol>\n      <li><strong>Information Security Policies<\/strong><\/li>\n    <\/ol>\n    <p>\n      A set of lower-level controls, processes and procedures for information\n      security are defined, in support of the high-level Information Security\n      Policy and its stated objectives. This suite of supporting documentation\n      as approved by the Company, shall be published and communicated to\n      Company&rsquo;s Employees\/Users and relevant external parties.\n    <\/p>\n\n    <ol start=\"2\">\n      <li><strong>Organisation of Information Security<\/strong><\/li>\n    <\/ol>\n    <p>\n      The Company defines and implements suitable governance arrangements for\n      the management of information security. This includes identification and\n      allocation of security responsibilities, to initiate and control the\n      implementation and operation of information security within the Company.\n    <\/p>\n    <p>\n      The Company has appointed Information Security Officer and take\n      accountability for information risk.\n    <\/p>\n\n    <ol start=\"3\">\n      <li><strong>Human Resources Security<\/strong><\/li>\n    <\/ol>\n    <p>\n      The Company&rsquo;s security policies and expectations for acceptable use\n      will be communicated to all Employees\/Users to ensure that they understand\n      their information security obligations and responsibilities. Information\n      security training will be made available to all Employees\/Users. Poor or\n      inappropriate behaviour will be addressed.\n    <\/p>\n    <p>\n      Where practical, security responsibilities will be included in role\n      descriptions, person specifications and personal development plans.\n    <\/p>\n\n    <ol start=\"4\">\n      <li><strong>Information Assets management<\/strong><\/li>\n    <\/ol>\n    <p>All information assets will be documented and accounted for.<\/p>\n    <p>This includes:<\/p>\n    <ol type=\"a\">\n      <li>\n        Information: any information that can be used to identify a person,\n        including sensitive information;\n      <\/li>\n      <li>Software;<\/li>\n      <li>Electronic information processing equipment;<\/li>\n      <li>Service benefits;<\/li>\n      <li>Human Resources.<\/li>\n    <\/ol>\n    <p>\n      Owners will be identified for all information assets and will be\n      responsible for the maintenance and protection of their assets.\n    <\/p>\n    <p>\n      All information assets are classified according to their legal\n      requirements, business value, criticality and sensitivity. Classification\n      indicates appropriate handling requirements. All information assets will\n      have a defined retention and disposal schedule.\n    <\/p>\n\n    <ol start=\"5\">\n      <li><strong>Access Control<\/strong><\/li>\n    <\/ol>\n    <p>\n      Access to all information will be controlled and will be driven by\n      business requirements. Access will be granted or arrangements made for\n      Employees\/Users according to their role and the classification of\n      information, only to a level that will allow them to carry out their\n      duties.\n    <\/p>\n    <p>\n      A formal user registration and de-registration procedure will be\n      maintained for access to all information systems and services. This will\n      include mandatory authentication methods based on the sensitivity of the\n      information being accessed, and will include consideration of multiple\n      factors as appropriate.\n    <\/p>\n    <p>\n      Specific controls will be implemented for users with elevated privileges,\n      to reduce the risk of negligent or deliberate system misuse. The\n      separation of duties will be implemented, where practical.\n    <\/p>\n\n    <ol start=\"6\">\n      <li><strong>Cryptography<\/strong><\/li>\n    <\/ol>\n    <p>\n      The Company will provide guidance and tools to ensure proper and effective\n      use of cryptography to protect the confidentiality, authenticity and\n      integrity of information and systems.\n    <\/p>\n\n    <ol start=\"7\">\n      <li><strong>Physical &amp; Environmental Security<\/strong><\/li>\n    <\/ol>\n    <p>\n      Information Processing Facilities (IPF) are housed in secure areas (sites\n      where sensitive information is handled or housed) physically protected\n      from unauthorised access, damage and interference by defined security\n      perimeters. Layered internal and external security controls are in place\n      to deter or prevent unauthorised access and protect assets. This includes\n      those that are critical or sensitive, against forcible or hidden attacks.\n    <\/p>\n\n    <ol start=\"8\">\n      <li><strong>Operations Security<\/strong><\/li>\n    <\/ol>\n    <p>\n      The Company ensures the correct and secure operations of information\n      processing systems.\n    <\/p>\n    <p>This includes:<\/p>\n    <ol type=\"a\">\n      <li>documented operating procedures;<\/li>\n      <li>use of formal change and capacity management;<\/li>\n      <li>controls against malware;<\/li>\n      <li>defined use of logging;<\/li>\n      <li>vulnerability management.<\/li>\n    <\/ol>\n\n    <ol start=\"9\">\n      <li><strong>Communications Security<\/strong><\/li>\n    <\/ol>\n    <p>\n      The Company maintains network security controls to ensure the protection\n      of information within its networks. The Company also provides the tools\n      and guidance to ensure the secure transfer of information both within its\n      networks as well as with external entities. This is done line with the\n      classification and handling requirements associated with each particular\n      type\/category of information.\n    <\/p>\n\n    <ol start=\"10\">\n      <li>\n        <strong>System Acquisition, Development &amp; Maintenance<\/strong>\n      <\/li>\n    <\/ol>\n    <p>\n      Information security requirements are defined during the development of\n      business requirements for new information systems or changes to existing\n      information systems.\n    <\/p>\n    <p>\n      Controls to reduce any risks identified are implemented where appropriate.\n    <\/p>\n    <p>\n      Systems development are always subject to change control and separation of\n      test, development and operational environments.\n    <\/p>\n\n    <ol start=\"11\">\n      <li><strong>Supplier Relationships<\/strong><\/li>\n    <\/ol>\n    <p>\n      The Company&rsquo;s information security requirements will be considered\n      when establishing relationships with suppliers, to ensure that assets\n      accessible to suppliers are protected.\n    <\/p>\n    <p>\n      Suppliers&rsquo; activity is monitored and audited according to the value\n      of the assets and the associated risks.\n    <\/p>\n\n    <ol start=\"12\">\n      <li><strong>Information Security Incident Management<\/strong><\/li>\n    <\/ol>\n    <p>\n      Guidance will be available on what constitutes an information security\n      incident and how this should be reported. Actual or suspected breaches of\n      information security must be reported and shall be investigated. The\n      appropriate action to correct the breach will be taken, and any learning\n      built into controls.\n    <\/p>\n\n    <ol start=\"13\">\n      <li>\n        <strong>\n          Information Security Aspects of Business Continuity Management<\/strong\n        >\n      <\/li>\n    <\/ol>\n    <p>\n      The Company has implemented arrangements to protect critical business\n      processes from the effects of major failures of information systems or\n      disasters. This is to ensure their timely recovery in line with documented\n      business needs. This will include appropriate backup routines and built-in\n      resilience.\n    <\/p>\n    <p>\n      Business continuity must be maintained and tested in support of this\n      policy.\n    <\/p>\n    <p>\n      Business impact analysis is undertaken, detailing the consequences of:\n    <\/p>\n    <ol type=\"a\">\n      <li>disasters;<\/li>\n      <li>security failure(s);<\/li>\n      <li>loss of service;<\/li>\n      <li>lack of service availability.<\/li>\n    <\/ol>\n\n    <ol start=\"14\">\n      <li><strong> Third-Party Management <\/strong><\/li>\n    <\/ol>\n    <p>\n      Third-party vendors, suppliers and\/or contractors shall be required to\n      adhere to the same information security standards as the Company and this\n      Policy. Contracts with third parties shall include provisions for data\n      protection and security audits.\n    <\/p>\n\n    <ol start=\"15\">\n      <li><strong> Compliance<\/strong><\/li>\n    <\/ol>\n    <p>\n      The design, operation, use and management of information systems must\n      comply with all statutory, regulatory and contractual security\n      requirements.\n    <\/p>\n    <p>Currently this includes:<\/p>\n    <ol type=\"a\">\n      <li>data protection legislation;<\/li>\n      <li>the payment card industry standard (PCI-DSS);<\/li>\n      <li>the government&rsquo;s Prevent strategy;<\/li>\n      <li>the Company&rsquo;s contractual commitments;<\/li>\n      <li>the Company&rsquo;s Policies and Procedures.<\/li>\n    <\/ol>\n    <p>\n      The Company uses a combination of internal and external audits to\n      demonstrate compliance against chosen standards and best practice,\n      including against internal policies and procedures.\n    <\/p>\n    <p>This include:<\/p>\n    <ul>\n      <li>IT health checks;<\/li>\n      <li>Gap analyses against documented standards;<\/li>\n      <li>Internal checks on staff compliance;<\/li>\n      <li>Returns from Information Asset Owners.<\/li>\n    <\/ul>\n  <\/body>\n<\/html>\n    <\/div>\n<\/div>\n<!-- \/module plain text -->        <\/div>\n                        <\/div>\n        <\/div>\n        <\/div>\n<!--\/themify_builder_content-->","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-904","page","type-page","status-publish","hentry","has-post-title","has-post-date","has-post-category","has-post-tag","has-post-comment","has-post-author",""],"builder_content":"<html> <head> <body> <h2><strong>Information Security Policy<\/strong><\/h2>\n <p><strong>PURPOSE<\/strong><\/p> <p> This high-level Information Security Policy sits alongside the &ldquo;Information Risk Management Policy&rdquo; and &ldquo;Data Protection Policy&rdquo;. This Policy provides a high-level outline of, and justification for, the Company&rsquo;s risk-based information security controls. <\/p>\n <p><strong>LEGAL BASIS<\/strong><\/p> <p> Information that is collected, analysed, stored, communicated and reported upon may be subject to theft, misuse, loss and corruption. <\/p> <p> Information may be put at risk by reduced awareness and\/or training, and the breach of security controls. <\/p> <p> Information security incidents can give rise to embarrassment, financial loss, non-compliance with standards and legislation, as well as possible judgements being made against the Company. <\/p>\n <p><strong>OBJECTIVES<\/strong><\/p> <p> Our Company&rsquo;s security objectives are key to improving Employees\/Users awareness and knowledge of security best practices. <\/p> <p>We focus on:<\/p> <ul> <li> information risks being identified, managed and treated according to a fixed risk tolerance; <\/li> <li> authorised Employees\/Users&rsquo; access and share information securely in order to perform their duties and roles; <\/li> <li> physical, procedural and technical controls are balanced with Employee\/User experience and security; <\/li> <li> contractual and legal obligations relating to information security being met at all times; <\/li> <li> all business and administrative activities always consider information security matters; <\/li> <li> individuals accessing information are aware of their information security responsibilities; <\/li> <li> incidents affecting information assets are quickly and effectively resolved and work as a motive to improve our security controls. <\/li> <\/ul>\n <p><strong>SCOPE<\/strong><\/p> <p> The Information Security Policy and its supporting controls, processes and procedures apply to all information used and processed by the Company, in all formats. This includes information processed by other organisations in their dealings with the Company. <\/p> <p> The Information Security Policy and its supporting controls, processes and procedures apply to all individuals who have access to the Company&rsquo;s information, technologies and apps, including external parties that provide information processing services to the Company. <\/p>\n <p><strong>COMPLIANCE MONITORING<\/strong><\/p> <p> Compliance with the controls in this Policy shall be monitored by the Information Security Team, and reported to the Information Security Officer. <\/p>\n <p><strong>REVIEW<\/strong><\/p> <p> A review of this Policy is undertaken by the Company&rsquo;s Legal Team on an annual basis or more frequently if required. <\/p>\n <p><strong>POLICY STATEMENT<\/strong><\/p> <p> It is the Company&rsquo;s policy to ensure that information is protected from a loss of: <\/p> <ol type=\"a\"> <li> <strong>Confidentiality:<\/strong> information will be lawfully accessible only to authorised individuals. <\/li> <li> <strong>Integrity:<\/strong> the accuracy and completeness of information will be maintained. <\/li> <li> <strong>Availability:<\/strong> information will be accessible to authorised Employees\/Users and processed only as required by law or lawful purpose. <\/li> <\/ol> <p> The Company will implement an Information Security Management System based on certified standards as required by law. The Company shall be mindful of the approaches adopted by its stakeholders, including third partners. <\/p>\n <p> <strong >The Company adopts a risk-based approach to the application of the following controls:<\/strong > <\/p>\n <ol> <li><strong>Information Security Policies<\/strong><\/li> <\/ol> <p> A set of lower-level controls, processes and procedures for information security are defined, in support of the high-level Information Security Policy and its stated objectives. This suite of supporting documentation as approved by the Company, shall be published and communicated to Company&rsquo;s Employees\/Users and relevant external parties. <\/p>\n <ol start=\"2\"> <li><strong>Organisation of Information Security<\/strong><\/li> <\/ol> <p> The Company defines and implements suitable governance arrangements for the management of information security. This includes identification and allocation of security responsibilities, to initiate and control the implementation and operation of information security within the Company. <\/p> <p> The Company has appointed Information Security Officer and take accountability for information risk. <\/p>\n <ol start=\"3\"> <li><strong>Human Resources Security<\/strong><\/li> <\/ol> <p> The Company&rsquo;s security policies and expectations for acceptable use will be communicated to all Employees\/Users to ensure that they understand their information security obligations and responsibilities. Information security training will be made available to all Employees\/Users. Poor or inappropriate behaviour will be addressed. <\/p> <p> Where practical, security responsibilities will be included in role descriptions, person specifications and personal development plans. <\/p>\n <ol start=\"4\"> <li><strong>Information Assets management<\/strong><\/li> <\/ol> <p>All information assets will be documented and accounted for.<\/p> <p>This includes:<\/p> <ol type=\"a\"> <li> Information: any information that can be used to identify a person, including sensitive information; <\/li> <li>Software;<\/li> <li>Electronic information processing equipment;<\/li> <li>Service benefits;<\/li> <li>Human Resources.<\/li> <\/ol> <p> Owners will be identified for all information assets and will be responsible for the maintenance and protection of their assets. <\/p> <p> All information assets are classified according to their legal requirements, business value, criticality and sensitivity. Classification indicates appropriate handling requirements. All information assets will have a defined retention and disposal schedule. <\/p>\n <ol start=\"5\"> <li><strong>Access Control<\/strong><\/li> <\/ol> <p> Access to all information will be controlled and will be driven by business requirements. Access will be granted or arrangements made for Employees\/Users according to their role and the classification of information, only to a level that will allow them to carry out their duties. <\/p> <p> A formal user registration and de-registration procedure will be maintained for access to all information systems and services. This will include mandatory authentication methods based on the sensitivity of the information being accessed, and will include consideration of multiple factors as appropriate. <\/p> <p> Specific controls will be implemented for users with elevated privileges, to reduce the risk of negligent or deliberate system misuse. The separation of duties will be implemented, where practical. <\/p>\n <ol start=\"6\"> <li><strong>Cryptography<\/strong><\/li> <\/ol> <p> The Company will provide guidance and tools to ensure proper and effective use of cryptography to protect the confidentiality, authenticity and integrity of information and systems. <\/p>\n <ol start=\"7\"> <li><strong>Physical &amp; Environmental Security<\/strong><\/li> <\/ol> <p> Information Processing Facilities (IPF) are housed in secure areas (sites where sensitive information is handled or housed) physically protected from unauthorised access, damage and interference by defined security perimeters. Layered internal and external security controls are in place to deter or prevent unauthorised access and protect assets. This includes those that are critical or sensitive, against forcible or hidden attacks. <\/p>\n <ol start=\"8\"> <li><strong>Operations Security<\/strong><\/li> <\/ol> <p> The Company ensures the correct and secure operations of information processing systems. <\/p> <p>This includes:<\/p> <ol type=\"a\"> <li>documented operating procedures;<\/li> <li>use of formal change and capacity management;<\/li> <li>controls against malware;<\/li> <li>defined use of logging;<\/li> <li>vulnerability management.<\/li> <\/ol>\n <ol start=\"9\"> <li><strong>Communications Security<\/strong><\/li> <\/ol> <p> The Company maintains network security controls to ensure the protection of information within its networks. The Company also provides the tools and guidance to ensure the secure transfer of information both within its networks as well as with external entities. This is done line with the classification and handling requirements associated with each particular type\/category of information. <\/p>\n <ol start=\"10\"> <li> <strong>System Acquisition, Development &amp; Maintenance<\/strong> <\/li> <\/ol> <p> Information security requirements are defined during the development of business requirements for new information systems or changes to existing information systems. <\/p> <p> Controls to reduce any risks identified are implemented where appropriate. <\/p> <p> Systems development are always subject to change control and separation of test, development and operational environments. <\/p>\n <ol start=\"11\"> <li><strong>Supplier Relationships<\/strong><\/li> <\/ol> <p> The Company&rsquo;s information security requirements will be considered when establishing relationships with suppliers, to ensure that assets accessible to suppliers are protected. <\/p> <p> Suppliers&rsquo; activity is monitored and audited according to the value of the assets and the associated risks. <\/p>\n <ol start=\"12\"> <li><strong>Information Security Incident Management<\/strong><\/li> <\/ol> <p> Guidance will be available on what constitutes an information security incident and how this should be reported. Actual or suspected breaches of information security must be reported and shall be investigated. The appropriate action to correct the breach will be taken, and any learning built into controls. <\/p>\n <ol start=\"13\"> <li> <strong> Information Security Aspects of Business Continuity Management<\/strong > <\/li> <\/ol> <p> The Company has implemented arrangements to protect critical business processes from the effects of major failures of information systems or disasters. This is to ensure their timely recovery in line with documented business needs. This will include appropriate backup routines and built-in resilience. <\/p> <p> Business continuity must be maintained and tested in support of this policy. <\/p> <p> Business impact analysis is undertaken, detailing the consequences of: <\/p> <ol type=\"a\"> <li>disasters;<\/li> <li>security failure(s);<\/li> <li>loss of service;<\/li> <li>lack of service availability.<\/li> <\/ol>\n <ol start=\"14\"> <li><strong> Third-Party Management <\/strong><\/li> <\/ol> <p> Third-party vendors, suppliers and\/or contractors shall be required to adhere to the same information security standards as the Company and this Policy. Contracts with third parties shall include provisions for data protection and security audits. <\/p>\n <ol start=\"15\"> <li><strong> Compliance<\/strong><\/li> <\/ol> <p> The design, operation, use and management of information systems must comply with all statutory, regulatory and contractual security requirements. <\/p> <p>Currently this includes:<\/p> <ol type=\"a\"> <li>data protection legislation;<\/li> <li>the payment card industry standard (PCI-DSS);<\/li> <li>the government&rsquo;s Prevent strategy;<\/li> <li>the Company&rsquo;s contractual commitments;<\/li> <li>the Company&rsquo;s Policies and Procedures.<\/li> <\/ol> <p> The Company uses a combination of internal and external audits to demonstrate compliance against chosen standards and best practice, including against internal policies and procedures. <\/p> <p>This include:<\/p> <ul> <li>IT health checks;<\/li> <li>Gap analyses against documented standards;<\/li> <li>Internal checks on staff compliance;<\/li> <li>Returns from Information Asset Owners.<\/li> <\/ul> <\/body> <\/html>","_links":{"self":[{"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/pages\/904","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=904"}],"version-history":[{"count":10,"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/pages\/904\/revisions"}],"predecessor-version":[{"id":1062,"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/pages\/904\/revisions\/1062"}],"wp:attachment":[{"href":"https:\/\/involvedengagement.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=904"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}