Wednesday, November 5, 2008

Broadridge receives ISO 27001 certification for ProxyPlus

This international certification specifically covers Broadridge's Information Security Management Systems (ISMS) for these flagship products, validating that the associated security policies for these applications have undergone in-depth testing and external audits. The new certification provides better protection and privacy for Broadridge's clients' data by ensuring that there is enhanced tracking and reporting on the company's security initiatives. Broadridge is distinguished among its competitors for its superior information security model and is one of only 77 companies in the United States that are currently ISO 27001 certified; of these companies, less than 10% are in the financial services industry.

Broadridge recognizes that the data processed by Broadridge on behalf of its clients is among its clients' most vital assets as it is confidential information related to their retail and institutional brokerage and investor communications activities. The certification adds yet another layer of security for Broadridge clients as they conduct their integral operations and transactions using key Broadridge applications to process this data. ProxyPlus is Broadridge's enterprise application that supports the core processing functions of Broadridge's proxy services, the company's largest business. Broadridge's BPS platform is one of the most robust securities processing engines in the industry for equities, mutual funds, and options providing real-time interfaces, as well as links to all major United States exchanges. Broadridge's impact solution is an integrated, online fixed-income securities transaction processing system, offering leading global financial institutions the ability to process fixed-income trades from order entry through to customized post-trade reporting. The certification of ProxyPlus, BPS, and impact offers the global banks and broker-dealers as well as corporate issuers and mutual funds whose data is processed using these three applicatiications, the assurance that Broadridge has created and implemented information security practices that are comprehensive and stringent enough to meet ISO standards.

The ISO 27001 Certification is designed to assist corporations with the development of a consistent methodology for implementing information security at the program level, as well as defining key control objectives designed to protect information assets. ISO 27001 is the only auditable international standard which defines the requirements to ensure that sufficient security controls are instituted within the certified organization. Additionally, maintaining the ISO 27001 Certification requires an annual review and three year re-certification. The continual scrutiny of Broadridge's ISMS in this manner provides confidence to clients that their data is protected on an ongoing basis.

"We are proud to have earned this certification and believe it reflects the dedication of our Information Security team to ensure that we have the highest level of controls in place when handling our clients' confidential information," said Mark Schlesinger, Chief Information Officer, Broadridge. "Data security is essential to the survival and stability of any organization and Broadridge's ISO Certification offers our clients a higher level of safeguard and protection for their information assets," Mr. Schlesinger added. To ensure that management is closely tied to ISO 27001 compliance, Broadridge has created a governance program that includes a management committee and has appointed information security champions in departments and divisions throughout the company whose job it is to support ongoing and timely security enhancements. This certification is just the beginning of what is envisioned as a multi-year plan to enhance and expand Broadridge's internal controls and security strategy.

Source: http://www.finextra.com

No comments: