Investor Presentaiton
Supply Chain
Environment
Governance
Policies & Data tables
Appendix
Executive Summary
Improving Financial Health
Data
Employees
Social - Data Security - Governance and responsibility
•
Board and executive priority
Data privacy and security is a top priority.
Regular updates to the Board's Audit Committee and risk
committees on information security risks and the business's
response.
Specific responsibility at the board level is overseen by the Security
and Continuity Steering Committee (SCSC), a sub-committee of
the Executive Risk Management Committee (ERMC).
SCSC (CEO, CFO, COO and CIO), review global information security,
physical security and business continuity every month.
Data security investment decisions are made centrally, to protect level
of spend.
3 lines of defence risk management model:
1st line: day-to-day operations, applying internal controls (e.g. IT)
2nd line: oversight, internal assurance, strategies and policies
(Global Security Office)
o 3rd line: independent assurance (Internal Audit)
Global Security Office
On a daily basis data security is overseen by
Chief Information Security Officer (leads GSO)
Chief Risk Officer
Group President of Global Technology
Data Protection Officers
experian.
Experian is run on a regional basis. The Global Chief Information
Officer has CIOs for each region who report into him, who each have
their own regional teams.
Global Security Office provides: Governance and Control,
Engineering and Innovation, Application Security, Physical and
People Security, Security Operations Centre and Information
Security Risk Management Services.
Within the Cyber Fusion Centre there is a Cyber Security
Investigations team who safeguard key assets such as systems
and storage facilities. They manage any security developments that
may threaten Experian's people, process, or technology through
intervention and thorough investigation of security incidents.
41
Experian PublicView entire presentation