ISO 27001 - What it means for Touchpoint Group, its stakeholders and clients
With an inundation of personal data so readily available online and digitally stored within almost every business, cyber attacks and data breaches have become a staple mention in the global data risk landscape. Data breaches are indiscriminate - plaguing the biggest corporate brands and government agencies as well as small-time local businesses. A data breach results in numerous headaches for businesses, including loss of customer trust, negative brand impact, and financial damage - not to mention a huge use of resources to remedy the issue.
In recent years a stronger emphasis on risk mitigation has been key to reducing the impact of data breaches or stopping them before they happen. ISO 27001 is an internationally recognised information security standard. It provides best practice requirements and controls on the implementation and maintenance of an Information Security Management System (ISMS). An organisation’s ISMS is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organisation’s risk management process. As such it facilitates the ongoing security of private and confidential data.
In 2020, Touchpoint Group became one of the only businesses in our space in New Zealand to be awarded the ISO 27001:2013 certification by implementing a robust ISO 27001 compliant ISMS. This post delves into the importance of this certification for both Touchpoint Group and its clients, existing and new.
Why ISO 27001:2013
Touchpoint Group operates on a global scale, so having an internationally recognised certification is a must.
The benefit of such a certification is that it is based on a standard administered by a non-governmental organisation made up of 165 national standard bodies, which allows it to draw on guidance and best practice from a number of countries and industries to build its standard.
ISO 27017 is the Code of Practice for Information Security Controls Based on ISO/IEC 27001 for Cloud Services, a Touchpoint Group speciality. It is one of many ISO standards developed to help consumers and customers have confidence that the range of industries, goods and products they are interacting with are safe and of good quality.
More about ISO standards can be found here.
What benefit does Touchpoint Group being ISO certified have for my business?
Touchpoint Group’s ISO certification provides clients with clarity and confidence that we understand the rules and regulations around data security and privacy, with the knowledge that our protocols are independently reviewed by an Accredited Certified Body. As a client, this gives you the knowledge that we have protocols in place to help avoid data breaches, mitigate the risk of one happening and, should one happen, deal with the incident.
Touchpoint Group prides itself on its data capture, management, and security, as it is the foundational element of all our platforms; it’s what makes Touchpoint tick. Therefore, taking data management and security risk seriously is a top priority, especially as we work with large corporate organisations in the banking, finance, telco and insurance industries.
If you have questions about ISO 27001 and what it means for protecting your customers’ information while using Touchpoint Group’s products, get in touch using the contact form below. You can also learn more about our organisational security and compliance measures including ISMS processes and business continuity by visiting the Dedication to Data Security page.
Touchpoint Group has an incredibly knowledgeable and dedicated Chief Information Security Officer who oversees ongoing information security compliance, strategy and change throughout the business, and undertakes ongoing audits and training of all internal staff (regardless of their exposure to personal data or secure information). The CISO’s role is to ensure information assets and technologies are protected. You can read more about Touchpoint Group’s CISO, Karen, below.
Joining us back in 2007, Karen started as a Systems Administrator - from here she took on key roles throughout the Group’s Security & Infrastructure team, quickly becoming a coveted member of senior management. After a short fling elsewhere in the industry, Karen returned to Touchpoint Group better than ever, taking on one of our most critical roles as the CISO with a key focus on managing the responsibilities of security, privacy and infrastructure.
Karen’s biggest achievement of late is getting Touchpoint Group over the line and becoming ISO 27001 certified. A major and incredibly important feat in our industry.
To learn more about the advantages of working with an ISMS-accredited organisation, get in touch with our team of experts today.
For more about data security and our dedication to ensuring your customers' information is managed safely, get in touch with our team so that we can understand your needs.