IT and Cybersecurity

Information Security is a strategic priority for the business and it is at the core of our processes and technologies, for both our business units and our central functions.

Sustainability Report

A strategic priority

A strategic priority

Information security risks feed into the wider decision making of the business, as we strive to increase the maturity of our information security function year-on-year.

In 2020, GiG maintained its maturity in its key processes related to Identity and Access Management, Vulnerability Management, User Awareness, Policy Management, Incident Management and Governance. We also set

out to further invest and increase its maturity in Risk Management, Application Security Architecture, Threat monitoring and Incident Management, Vulnerability Management and Supplier Due Diligence. We also initiated plans for Business Continuity Management, safeguarding our future in every circumstance, and will update the business in 2021

 

ISO Certification

GiG’s information security processes are regularly tested by independent auditors, to meet regulatory and compliance requirements and make sure controls are working as required to mitigate risk. In 2018, such information security processes were tested against the highest international standards set down by the International Organization for Standardization via an ISO 27001:2013 audit. In 2019, the certificate was renewed. The GiG Core platform was validated as meeting such standards by an independent audit firm, which is accredited by the United Kingdom Accreditation Service (UKAS). In 2020, we maintained our ISO 27001 certification for our GiG Core and GiG Data products, and their supporting functions. Preparations to obtain the certification for its frontend products were also initiated.

Contact sales