Security Capability
With a background in financial services our tolerance for risk is low and ever present. We have a culture and method of working that is underpinned by the comprehensive security management system we have devised and implemented. Our approach is simple - systematically consider what can go wrong and then mitigate against it. With continuous assessment, refinement and treatment of risk we avoid incidents, safeguard client information and provide a safe uninterrupted service.
Security Compliance
The Exbos security system is audited each year gainst the ISO27001 2013 Standard for the following scope:
Information security for the product management, design, development, test, release, support and maintenance of software systems and the management of associated hosting services.
Exbos organise people, technology and processes to effectively manage current and evolving security risks. Equal importance is given to digital, spoken and written information to ensure confidentiality, integrity and availability remain intact.
Even the most advanced technically secure system can be vulnerable if let down by people. Our security systems are evident in our working practice and prominent throughout our in-house online project management system.
Consequently we have a proven track record of enterprise grade systems that are safe not just for normal processing but also for handling financial transactions. Our awareness of the risk landscape, and effort to continuously improve our practice, is clear through the way we work and the many internal and external audits which monitor security compliance.
Confidentiality
Numerous controls are employed to ensure information is restricted only to those who should see it.
We protect against external intrusion but also limit access, within an organisation, only to those with rights or permissions to it.
Integrity
With skills and capability to take on even the most challenging of projects, our enterprise grade security architecture is built to be robust and reliable.
Additionally, we guard against malicious or accidental data loss or degradation through controls which ensure your data stays intact, accurate and protected.
Availability
Every effort is spent to ensure your data is there when you need it.
Multiple controls are employed to ensure your business is not disrupted by events outside our control.
We anticipate, plan and practice business continuity and disaster recovery exercises to allow rapid responses and mitigate these risks.
What Auditors LQRA Had To Say
"It was clear that improvements around the information security culture of the organisation were also being transferred to the Exbos customer base"
"The management system continues to become embedded within the organisation"
"A series of well implemented and robust information security controls were demonstrable, with a good understanding of the information security related risks and issues"