Estimated reading time: 3 minutes
Whether a private or corporate consumer of technology, the need for appropriate governance and assurance from service providers remains a key priority. Barely a week goes by without yet another organisation publicly dealing with a loss or leak of data – at best an embarrassment and at worst a breach that actively compromises their integrity or that of their assets. This leads to questions on the security and trustworthiness of both parties and their resources.
Assurance is defined as “a positive declaration intended to give confidence; a promise”. Current trends in security governance demand two-way assurance between supplier and customer. When awarding contracts to suppliers, organisations need to carefully consider the level of governance, assurance and security appropriate for the data being shared. For their part, the service provider must take responsibility for operating a robust and secure service. Whilst the customer may expect the provider to do so, there is no substitute for an independent review of processes and procedures to keep things secure and honest. The role of international standards and compliance regimes is key in providing that assurance for the customer and the standards framework for the supplier.
At Commerce Decisions we are proud of our information security practices. We deliver assured security to our team and clients as part of a proven quality management system which is certified to ISO9001 and ISO27001 standards. These certifications allow us to consistently provide products and services that meet the needs of procurement professionals and world class buying organisations globally. Not only do these accreditations provide assurance to us and our stakeholders, they also provide verification – through continuous auditing and certification – that we are measured independently against recognised standards and the targets that we have set ourselves. AWARD® is entrusted to manage significant volumes of Government, Defence and Commercially sensitive data. It is therefore imperative that our information management procedures are aligned with industry best practice.
Through an annual audit and reaccreditation regime, we continuously maintain and improve what we do. Certification against these standards provides confidence to our clients and their stakeholders that we operate at the highest levels of quality and security:
- Proof of continuous improvement aligned to developing standards.
- Assurance that we train and continuously improve the knowledge of our people so they operate safely and securely.
- Confidence that we conduct penetration and resiliency testing of our services, practice business continuity plans and ultimately ensure that the data entrusted to us stays safe and is available when needed.
It is clear from many recent events that verified assurance of corporate governance, quality and security should be one of the central pillars of any procurement decision for cloud technologies – especially where the data being stored is sensitive in nature or its loss could cause significant damage to the interests of the client, its suppliers or stakeholders. At Commerce Decisions, we are proud to offer secure, independently verified solutions to our clients and their stakeholders to deliver a confident and assured service.
