Security
Security has always been a top priority for Scout Talent—we ensure that sensitive recruitment data is always protected by best-of-breed systems, standardized processes, and highly skilled professionals.
ISO 27001 is the international standard for Information Security. It specifies an Information Security Management System (ISMS) including policies, procedures, and technical and physical controls to protect the confidentiality, availability, and integrity of information.
Achieving ISO 27001 certification was an important way to demonstrate our commitment to security at all levels of the business, and that security is a core and evolving aspect of our business operations and services.
Best-of-breed systems
With the increasing regulatory and operational requirements to ensure personal information is kept secure against sophisticated attacks, Scout Talent systems are built with a security-first mindset.
Secure engineering principles are applied to all of our applications, including a strong separation of concerns, defense-in-depth design, silent running operation, a comprehensive access control framework, dependency risk management, unified encryption, and full support for privacy principles. Such technical principles work together with our other security controls to provide appropriate protection to customer data held within our systems.
Standardized processes
In order to make sure our security protocol is kept consistent throughout the business, we maintain standards for how information is handled. This includes ensuring that the Information Security of every project has been assessed to investigate any possible risks and objectives. Corrective actions will be taken as required based on deviations from our objectives.
Our Information Security Policy is kept updated to ensure that it is an accurate reflection of the business context and any relevant factors both internal and external. We also ensure compliance with the needs of Regulatory Authorities, internal or external; as well as with legislation and industry best practices.
Highly skilled professionals
Our Scout Talent team all take ownership in protecting Information Security. All individuals dealing with information at Scout are educated so that each person can independently make informed decisions regarding the secure handling of IT assets and information which is owned by Scout Talent Group. The IS training undertaken by each person embeds IS risk management behaviors and processes that can be maintained daily in their work.
This means all personnel has a responsibility to defend IT assets and information that Scout Talent Group governs, owns, manages, maintains, or controls which are both tangible and intangible. Any perceived or actual Information Security breaches and/or IT incidents will be reported to the ISO or their immediate supervisor.