Security
Understanding the Risks
In today’s operating environment, it is essential for every company to have robust information security and data protection infrastructure in place. For financial services organisations, this is even more important – cyberattacks are a top risk factor for most firms, and the likelihood of being attacked is significantly greater for the industry as a whole. RiskLogix understands this means it’s important to get information security right.
Protecting GRC information
For more than 15 years, RiskLogix has made information security and data protection a priority. The company, and aCCelerate GRC as a solution, adhere to key best practices and international standards. RiskLogix also works with technology partners who have the same strong commitments, and who understand the specific needs of the financial services industry in this regard.
It is not possible to list all information security measures here, but key elements of RiskLogix’s overall approach include:
- RiskLogix is ISO027001-certified, and works with ISO027001 technology partners.
- aCCelerate GRC as a Service is provided in the highly secure Microsoft Azure platform, which meets a broad range of international, country, and industry-specific compliance standards.
- aCCelerate GRC in the Cloud can be hosted on an organisation’s choice of Cloud provider to comply with local information security and data protection regulations.
- Microsoft Azure also offers robust business continuity support, including 99.95% availability of services, round-the-clock health monitoring, and quick scale-up or -down to match demand.
- Encryption is at both the application and database level, and back-up encryption is also in place. The solution uses one of the most secure encryption approaches available today.
- Data access within the solution can be configured on a per-user basis in line with the firm’s policies and user roles.
- aCCelerate GRC captures all security audit logs as standard practice. These can be accessed on request or integrated into a firm’s information security solutions via a custom API.
For more details about our approach to information security, please reach out to us to have a conversation.