Our Commitment to Information Security
InvestEdge is committed to preserving the confidentiality, integrity, and availability of the information with which we have been entrusted by our customers. To maintain that trust, we strive to achieve the highest level of information security possible by integrating information security into our business strategy, and by applying industry best practices in the design and deployment of our hosted solutions.
InvestEdge’s risk management framework provides the guidelines for information security by establishing and maintaining an Information Security Management System (ISMS). The ISMS defines the operating controls used to protect our information systems and technology infrastructure including:
- Risk Assessment and Management
- Human Resources Security
- Identification, Classification and Management of Information Assets
- Information Access Controls
- Physical and Environmental Security
- Operational Security
- Communications Security
- Application Development and Maintenance Security
- Supplier Relationship Policies
- Disaster Recovery and Business Continuity Planning/Management
Information Security Governance
All InvestEdge employees are responsible for information security and protecting the confidentiality and integrity of customer data. The Information Security Committee (ISCOM), which is comprised of senior InvestEdge leadership, ensures that information security requirements are always aligned with InvestEdge’s business goals. To achieve this, ISCOM reviews the ISMS framework for continuous improvement and implements the policies, standards, and procedures required to protect information.
In order to ensure that information security is implemented and operated in accordance with organizational policies and procedures, InvestEdge participates in an annual independent review of our information security control objectives. Since 2014, InvestEdge has obtained a System and Organization Controls (SOC) 1 Type 2 Report assessing the effectiveness of our operating controls. Starting in 2019, InvestEdge will participate in a System and Organization Controls (SOC) 2 Type 2 assessment of our operating controls.
If you are an InvestEdge client and would like a copy of our most recent System and Organization Controls audit report, please contact your service team.