November 27, 2017
Decideware provides software solutions which enable advertiser clients to assess, manage, and monitor marketing agency and strategic supplier relationships and performance. It is a key responsibility for Decideware to protect all sensitive and confidential information entrusted to Decideware from the rapidly evolving nature of security threats that may affect business operations and the organizations reputation.
The Chairman, CEO, Senior Management and all employees are committed to an effective Information Security Management System in accordance with Decideware’s strategic business objectives.
Decideware considers Information Security aspects as a top priority for client confidence, legal, regulatory and contractual compliance and is committed to ensuring all information is handled in a secure manner and maintaining the ISMS to meet the requirements of ISO27001:2013 and ISO70018:2015.
To ensure business continuity and minimise business damage by preventing and minimising the impact of security incidents. In deploying the Decideware ISMS, the Management Team aims to maintain existing known risks at their current low level and ensures that new and changing risks are managed in an equally consistent and professional manner.
To protect both Decideware and Decideware’s clients’ physical and electronic information assets from all threats, both internal and external, deliberate or accidental.
Decideware’s Chief Executive Officer has approved the Information Security Management Policy (Policy).
Protection of information is set out in terms of:
The overall responsibility for ensuring that the Policy is implemented, developed and reviewed effectively rests with the Chief Executive Officer. This responsibility will be delegated throughout the management structure reflecting Decideware’s continued commitment to Security at all levels.
The Chief Information Officer has direct responsibility for maintaining the Policy and providing advice and guidance on its implementation. The Chief Information Officer is responsible for the monitoring, evaluation and reporting of compliance to the Policy.
All managers are directly responsible for implementing the Security Policy within their business areas, and for adherence by their staff.
It is the responsibility of each member of staff to be familiar with and adhere to the Policy and relevant standards and procedures. Failure to adhere to the Security Policy may result in disciplinary action.
This statement represents Decideware’s general position on Information Security issues, and the policies and practices applied in conducting business.
Decideware, the world’s leading provider of agency management solutions for major advertisers, is pleased to announce its successful achievement of the International Organization for Standardization’s respected ISO 27001:2013 Information Security Management System certification.
This standard formalizes the requirements of an ISMS - a systematic approach to keep sensitive information and assets secure within organisations. It includes the application of a risk management framework to people, processes and IT systems.
Additionally, and alongside ISO 27001 certification Decideware has also achieved ISO 27017:2015 Cloud Security Management System certification, a code of practice for information security controls for cloud services.
To achieve these certifications, a company must show it has a systematic and ongoing approach to managing sensitive company and customer information. As such, ISO 27001 certification is a dynamic process, requiring at least annual audits and periodic renewal of the certification.
For further information, contact:
Arnold van den Bovenkamp – Chief Information Officer
+61 2 9959 0600