October 29, 2018
Decideware provides software solutions which enable advertiser clients to assess, manage, and monitor marketing agency and strategic supplier relationships and performance. It is a key responsibility for Decideware to protect all sensitive and conﬁdential information entrusted to Decideware from the rapidly evolving nature of security threats that may aﬀect business operations and the organizations reputation.
The Chairman, CEO, Senior Management and all employees are committed to an eﬀective Information Security Management System in accordance with Decideware’s strategic business objectives.
Decideware considers Information Security aspects as a top priority for client conﬁdence, legal, regulatory and contractual compliance and is committed to ensuring all information is handled in a secure manner and maintaining the ISMS to meet the requirements of ISO27001:2013 and ISO27017:2015.
To ensure business continuity and minimise business damage by preventing and minimising the impact of security incidents. In deploying the Decideware ISMS, the Management Team aims to maintain existing known risks at their current low level and ensures that new and changing risks are managed in an equally consistent and professional manner.
To protect both Decideware and Decideware’s clients’ physical and electronic information assets from all threats, both internal and external, deliberate or accidental.
Decideware’s Chief Executive Oﬃcer has approved the Information Security Management Policy (Policy).
Protection of information is set out in terms of:
The overall responsibility for ensuring that the Policy is implemented, developed and reviewed eﬀectively rests with the Chief Executive Oﬃcer. This responsibility will be delegated throughout the management structure reﬂecting Decideware’s continued commitment to Security at all levels.
The Chief Information Oﬃcer has direct responsibility for maintaining the Policy and providing advice and guidance on its implementation. The Chief Information Oﬃcer is responsible for the monitoring, evaluation and reporting of compliance to the Policy.
All managers are directly responsible for implementing the Security Policy within their business areas, and for adherence by their staﬀ.
It is the responsibility of each member of staﬀ to be familiar with and adhere to the Policy and relevant standards and procedures. Failure to adhere to the Security Policy may result in disciplinary action.
This statement represents Decideware’s general position on Information Security issues, and the policies and practices applied in conducting business.
Decideware, the world’s leading provider of agency management solutions for major advertisers, is pleased to announce its successful achievement of the International Organization for Standardization’s respected ISO 27001:2013 Information Security Management System certiﬁcation.
This standard formalizes the requirements of an ISMS - a systematic approach to keep sensitive information and assets secure within organisations. It includes the application of a risk management framework to people, processes and IT systems.
Additionally, and alongside ISO 27001 certiﬁcation Decideware has also achieved ISO 27017:2015 Cloud Security Management System certiﬁcation, a code of practice for information security controls for cloud services.
To achieve these certiﬁcations, a company must show it has a systematic and ongoing approach to managing sensitive company and customer information. As such, ISO 27001 certiﬁcation is a dynamic process, requiring at least annual audits and periodic renewal of the certiﬁcation.
Arnold van den Bovenkamp – Chief Information Oﬃcer