Konfir considers Information Security as essential for maintaining client and applicant confidence, as well as for legal, regulatory and contractual compliance. Konfir maintains an Information Security Management System (ISMS) and is ISO 27001 accredited.
Having been assessed as meeting the full requirements of ISO 27001, our ISMS is continually reviewed to ensure that it is aligned with the evolving needs of the business. Konfir is committed to handling all information securely, demonstrating our dedication to continual improvement and to providing a secure, high-quality solution.
By implementing and maintaining an ISMS, Konfir’s management aims to maintain current risks within our agreed appetite and to manage new and evolving risks consistently.
To ensure a solid foundation of knowledge around information security, risks, and individual responsibilities, Konfir provides ongoing training and development opportunities for all team members, reinforcing a culture of security awareness and proactive risk management. We engage all our team members in the growth of the company and we encourage the utilisation of skills and knowledge to continually improve our services and to support the effectiveness of the ISMS. Our objective is to protect our clients and Konfir’s information from all threats, whether internal or external, deliberate or accidental.
We shall take all reasonable measures to protect information in terms of:
In particular Konfir will:
Konfir has an InfoSec team who are directly responsible for maintaining the ISMS and providing advice and guidance on its implementation.
All Leadership Team members are responsible for implementing the ISMS within their functional area, and for communicating and ensuring that all individuals adhere to the ISMS. Failure to do so may result in disciplinary action.
The CEO holds the overall responsibility for ensuring that the ISMS is implemented, developed and reviewed effectively.
This statement represents our general position on Information Security issues, and the policies and practices we will apply in conducting our business. It reflects the seriousness with which Konfir takes information security.