Have you ever wondered what happens to the information you provide to an organization when you purchase a product or service?
As consumers, we need to know that an organization has effective systems in place to protect our information, including our commercially sensitive information.
What is the blue StandardsMark?
Organizations that display the blue StandardsMark demonstrate to their clients and consumers that SAI Global regularly audits their systems for managing information.
How does the blue StandardsMark affect your own private details?
Have you thought about how many organizations possess personal information about you? Telephone companies, credit card companies, banks and mortgage providers, home and car insurers, airlines, utility organizations, market research firms, and of course your own employer all have information that you would not want disclosed to the public. On top of this, various government organizations require your information in order to provide their services.
There are many risks involved in supplying organizations with your personal information. These include:
· Whether the raw data containing your personal details can be recovered in the event of a disaster. For example, if the organization's website goes down, its computer systems fail, or a computer virus spreads around the organization.
· Whether an organization considers your details to be private and confidential. For example, whether the company that stores and manages your personal information ensures that only the right people can access the right information, for the right reasons.
In providing your personal information to organizations that feature the blue StandardsMark, you can rest assured that they have considered the security risks to your details and have plans in place to minimize them.
How will the blue StandardsMark help protect your personal information?
The blue StandardsMark ensures that organizations know how to identify security risks before they occur and implement a management system to reduce the likelihood of these events happening.
An information security management system involves four key steps:
1. Identifying and prioritizing all of these possible hazards and risks.
2. Deciding who in the organization has responsibility to address them.
3. Giving those people the resources and authority to do something about them.
4. Evaluating and reviewing what has been implemented.
So when you see an organization displaying our StandardsMark for information security it means that they are serious about taking care of all of these risks.