Premium Credit is pleased to announce that it has achieved ISO/IEC 27001 Information Security Management recertification.
Through this bench mark Premium Credit demonstrates its ongoing ability to reach the exacting requirements set by the BSI (British Standards Institute) for establishing, implementing, maintaining and continually improving its information security management system within the context of the organisation. The accreditation also confirms Premium Credit’s capacity to meet the BSI’s requirements for the assessment and treatment of information security risks.
Additional recertification achieved this year includes the Payment Card Industry Data Security Standard (PCI DSS) ensuring the correct controls are in place to protect cardholder data. Premium Credit currently maintains a level-1 Service Provider and a Level 2 Merchant assessment which is audited annually by a PCI Qualified Security Assessor to validate compliance.
Premium Credit has also achieved Cyber Essentials Plus accredited by CREST. Cyber Essentials is the government backed scheme overseen by the National Cyber Security Centre which aims to protect organisations from common cyber-attack methods. Cyber Essentials Plus is the Centre’s highest level of certification which involved an independent body verifying controls the business has in place.
Duncan Gray, Premium Credit’s Chief Information Officer commented: “Protecting personal records and commercially sensitive information on behalf of our customers is critical and an absolute priority to us. ISO/IEC 27001 and the other ongoing accreditations we’ve secured illustrate our commitment to implementing a robust approach to managing information security (infosec) and building resilience.
These awards provide our customers with assurances that Premium Credit adheres to a wide reaching set of industry recognised standards for the management of Information Security.”
These awards provide our customers with assurances that Premium Credit adheres to a wide reaching set of industry recognised standards for the management of Information Security.