As part of our commitment to protecting customer data entrusted to us, we are pleased to advise that Premium Credit has achieved ISO/IEC 27001 Information Security Management recertification as part of our ongoing review of security standards.
Internationally recognized ISO/IEC 27001 is a framework which helps organisations manage and protect their information assets so that they remain safe and secure. It allows us to continually review and refine the way we do this, not only for today, but also for the future.
Additional recertification achieved in the last year includes the Payment Card Industry Data Security Standard (PCI DSS) ensuring the correct controls are in place to protect cardholder data. Premium Credit currently maintains a level-1 Service Provider and a Level 2 Merchant assessment which is audited annually by a PCI Qualified Security Assessor to validate compliance.
We have also achieved Cyber Essentials and Cyber Essentials Plus accredited by CREST. Cyber Essentials is the government backed scheme overseen by the National Cyber Security Centre which aims to protect organisations from common cyber-attack methods. Cyber Essentials Plus is the Centre’s highest level of certification which involved an independent body verifying the controls our business has in place.
Duncan Gray, Premium Credit’s Chief Information Officer commented: “Our ongoing commitment to protecting personal records and commercially sensitive information on behalf of our customers remains an integral part of what we do. ISO/IEC 27001 and the other accreditations we secure on an ongoing basis illustrates our commitment to implementing a robust approach to managing information security (infosec) and building resilience.
These awards provide our customers with assurances that Premium Credit adheres to a wide reaching set of industry recognised standards for the management of Information Security.”