ProService Finteco has implemented and maintains Information Security Management System, which has been certified by the Quality Certification Center accredited by the Polish Centre for Accreditation. The certificate confirms fulfilment by ProService Finteco of the requirements of ISO/IEC 27001, within the scope of transfer agent services provided to fund management companies, employee pension funds, life insurance companies, open pension funds, general pension companies and foreign assets management companies.
ISO/IEC 27001 provides a set of guidelines for the implementation and maintenance of information security in the company. Individual chapters are devoted to such issues as security policy, classification of the assets of the organization and personal security, or system access control, system development and maintenance.
The benefits of using methodology of information security management consistent with ISO 27001, are the following:
- high level of security of all corporate information and information entrusted by Clients, verified periodically by independent experts, and thus, increase the value of the company,
- integrated approach to security and technical-organizational solutions,
- clearly specified scope of the entitlements and responsibilities of our staff,
- implementation of the company’s objectives by eliminating the threats.
ISO 27001 certificate is renewed yearly by ProService Finteco.
In the context of the Information Security Management System, PS Finteco is committed to its continuous improvement by identifying other standards and good practices in the field of information security and adjusting them to the organization. Current efforts are related to ensuring compliance with IT guidelines issued by the Polish Financial Supervision Authority.
ProService Finteco within its activities is also developing the security culture by trainings and awareness activities for employees, as well as by openness to cooperation with inspections and audits initiated by the Clients. These reviews are aimed to be independent confirmation of the effectiveness of the information security measures in the organization.