This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
We recognise that in order to be successful, we are required to take risks. However, risks need to be taken in a controlled environment.
Our approach is one of responsible risk taking in line with the principles, culture, tolerance and appetite as directed by the Board. The Board is committed to continue to drive forward our Risk Management processes to enable:
- The safeguarding of the Group’s assets
- Effective decision making
- Embed risk management considerations and foster accountability for risk throughout the organisation
The Board sets the Group’s risk appetite. In doing so, the Board considers our strategic objectives, the Group’s principal risks & uncertainties and assesses against the long-term viability of the Group. The Board also considers the views of the Executive Management and Audit Committee as part of its systematic review of internal controls.
Data Privacy & Cybersecurity
Product Security
- Our Intelligence Centers are hosted by partners that are ISO27001 certified. Our hosting platform was built with continuity in mind, and with disaster recovery in place
- Privileged access is tightly managed
- Our platforms run with an uptime of 99.9% or higher
- Third-party security tools continuously scan for vulnerabilities and external security experts perform regular penetration tests
Ensuring Integrity of Data
- Anti-virus and Endpoint Protection are installed on GlobalData systems
- We maintain a 24x7x365 Security Operations Centre, via an external partner
- We employ network security, including firewalls, IPS and WAFs
- We operate global patching policies
Maintaining Confidentiality
- Information security policies are communicated to all employees and Information Security and Awareness training is completed annually
- We employ a dedicated information security team
- Access control policies limit access to information only to those that need it
- All employee contracts include a confidentiality agreement
Protecting Availability of Information
- Backup policies are in place to prevent data loss
- GlobalData operates a protocol for incidence response which includes escalation procedures, mitigation and post-mortem
- We provide a global work-from-home capability to boost resilience
- We operate change management procedures over core applications