Keeping our clients’ data safe
Our Information Security Client Data Protection program helps client teams keep data safe with the right tools and a standardized approach.
With cyber threats a constant presence, building a strong security posture is a must. For global enterprises like Accenture, an organization with over half a million employees and several thousand clients, that means ensuring the appropriate security systems, protocols, and controls are in place to protect our clients, our employees, and our own data and operations.
With threats constantly evolving, becoming riskier and more consequential, we must remain proactive, continually enhancing our approach to information security. Our security defenses need to span across the enterprise, protecting all areas of the business.
Our clients expect nothing less.
To meet our clients’ unique security expectations and address today’s dynamic regulatory issues, our Information Security team operates a global Client Data Protection (CDP) program. This program provides client engagement teams with the tools and processes necessary to identify and mitigate security risks over the lifecycle of a client project.
Our CDP process begins with the initial client sales discussions, when we work with the client to identify any inherent risks or security concerns that need to be addressed within our scope of service and solution.
These collaborative talks also focus on identifying and mitigating potential weaknesses within the client environments, clarifying accountability and removing any ambiguity regarding operational security controls and processes.
The results of each risk assessment and client discussion are then factored into our solutions so that they are secure from the start.
Once actual project work starts, the CDP approach is implemented across all active contracts. This helps our client teams work with clients to drive a security governance and operational environment that addresses the unique security risks of each client engagement. We build a client-specific CDP plan for each client that includes:
Our CDP program adheres to the highest and strictest standards for information security, including full compliance with ISO27001 certification standards. This international distinction, awarded by the British Standards Institution (BSI), serves as recognition for our client work from engagement inception to engagement completion.
Maintaining such high standards requires a continual refresh of our CDP program.
We embedded data privacy controls in the CDP framework that meet the requirements of the European Union’s General Data Protection Regulation (GDPR).
Our client teams must now confirm with their clients that an appropriate GDPR solution is in place for relevant areas of the account.
Strengthening our overall approach is the CDP program’s connected network of Accenture leaders to drive key information security objectives.
The CDP program serves as one of our most effective risk management platforms, maintaining a strong security posture for our organization and our clients.
Given its success, CDP serves as a critical extension of our Information Security organization. An example is CDP’s alignment with the Security Operations Center (SOC), a centralized, in-house resource for real-time threat monitoring. With the SOC’s broad insight into risk compliance and potential threats, the CDP program helps drive improved, enterprise-wide compliance through its established security controls.
This approach provides the ability to mitigate such risks, preventing them from impacting our own internal environment or that of a client.
Through regular assessments and refinements to the CDP program, and a workforce that takes accountability for putting security first, we continue to improve how we protect the data of our organization and operations, and that of our employees and our clients.