By: Jo Hall (FSSA™ CFP®DipFP BApplEcon)
I recently asked for questions for those that have never outsourced, or for experiences for those that have.
One of the first points that was raised as a concern was around Cyber Security—which I wholeheartedly agree with!
I would however challenge you to think about 2 things:
✅ You need to think beyond Cyber, and think about Information Security—of which, Cyber is a subset.
✅ This is just as relevant for outsourcing Onshore as it is Offshore.
Today, we will consider my first Challenge to your thinking…
A great Information Management System considers ALL data,
not just that which is housed electronically.
Organisations face many risks outside electronic risks such as:
- a staff member who was not properly vetted before being hired;
- staff members having access to printing, with no reason for the access;
- printed documents with no policies or processes about proper destruction processes;
- staff members being able to work from home with no risk assessment of where or who they live with.
As a Financial Planning practice, who maintains legally sensitive personal information, it is vital you have confidence in your business partners who also may have access to this information. In our opinion, a cyber policy on its own, is simply not enough to provide you with peace of mind.