We take information security seriously
These standards apply to all the information we receive, generate or process whilst delivering best-in-class intelligent marketing for you. Whether it is information or data you hold yourself, you share with us or which we establish in doing our work, we are clear on all of the following:
- The information we hold or process
- The purpose for gathering it
- What information systems are involved
- Who has access to the information
Whilst no organisation can ever 100% guarantee to prevent a breach of information security and privacy, CWA will never sit back and leave it all to fate. We do our utmost to be proactive and take a risk-based approach, as demonstrated by our industry-recognised certification to ISO 27001.
We take steps to reduce the likelihood of breaches by taking time to understand how a breach of confidentiality, integrity or availability could happen, the impact it will have on everyone concerned, including you, and just how likely it is that this could happen.
On an ongoing basis and where necessary, we assess the overall risk and implement organisational controls to reduce the likelihood of an incident happening and, should an incident still occur, reduce the impact to all concerned.
Controls can include policies, processes, procedures and standards. We use various technologies and services along with plenty of training for our staff to embed all this good stuff into how we work for our clients and prospective clients day to day. We even ensure that any suppliers we work with, who handle your or even our own data, when working with us, can demonstrate a mature approach to information security and privacy.
All these controls require good maintenance to ensure they minimise the chance of a breach of information security. We ensure that the resources are available to effectively maintain the controls we’ve put in place and to review these to identify opportunities for improvement on an ongoing basis.
Even with effective maintenance of all our security controls, things change. And when they change, they can sometimes have an impact on the risk of an information security incident happening or even its impact. We’re committed to keeping an eye out for change, especially anything that relates to information security. We closely review how we deliver our products and services and the forces at play in the markets where we operate who have an interest in information security. We listen to our clients' information security challenges and always find a way to ensure they feel their data is in good hands when they work with us. That’s one of the reasons why we’ve been ISO 27001 certified since 2009.
If you have any questions, please get in touch.