We use entityOS.cloud as our platform. Allowing use to leverage its security systems and certification to ISO27001/17.
We use the best standards (ISO27001/17) to guide our risk based information systems.
We review and maintain constantly.
The foundation:
Confidentiality
Integrity
Availability
...
Information security accountability is in our DNA. Every decision we make and service provider we engage with, information security is always top of mind.
Information security is hard-baked into our goverance. All planning is driven by our ISMS. Our key stakeholders update/AGM ("roadmap") is driven by our information security reviews.
All roles are zoned and clearly indentified in relation to impact on information security. All employees are screened and only gain operational access after key tests have been passed, including time with the selfdriven organisation.
From day one it's everywhere within the selfdriven organisation, backed by constant training. It's Hard-baked into HR.
We are constantly managing risks in relation to information security, as it is core to the value of business to our customers and shareholders.
Within in our ISMS we have an incident management process which includes notification to all key stakeholders.
The testing of our services is core to our operations, and we rely our own automated testing service which is running constantly.
We are constantly reviewing our ISMS and associated controls via periodic management and technical reviews.
Continuity services are built into selfdriven.cloud. You can use these services as part of your organisations business continuity plan.
The selfdriven Management has committed to the integration of information security into all areas of the business, to the level of globally acceptable standards.
We are committed to the care of our information security assets in the sense of their integrity, confidentiality and availability. Our aim is also to permanently keep and maintain the achieved level of the information security, along with continual improvement.
Our information security commitment, is to all areas of the business, including but not limited to: Business operations, cloud based product development, business and system architecture, Operating Model, HR policies, IT security policies, employment agreements, systems and cloud security, director policy for role based security and administrative privileges, cloud service provider internal compliance and certifications, client/user engagement, project and software lifecycles & governance.
An Information Security Management Reference (ISMS) reference document has been created to define the purpose, scope, direction, principles and basic rules for our information security. The ISMS is available for review by all selfdriven employees and any interested parties.
The confidentiality, integrity, protection and availability of selfdriven's information assets should always be preserved, whatever the form of the information and however it is shared, utilised, communicated or stored.
The ISMS is based on the ISO 27001, 27017 Information Security standards.
If you require more details then please contact us.