NORWALK, Conn., Feb. 19 /PRNewswire/ -- Affinion International, a division of Affinion Group, a leading global affinity marketer, has been awarded the prestigious ISO 27001 certification, the highest international standard for information security management globally. It is the second consecutive time Affinion International has attained this preeminent designation.
(Logo: http://www.newscom.com/cgi-bin/prnh/20080219/NYTU023 )
Affinion Group was also recently awarded the ISO certification for its North America operations, marking the first time that the company achieved this designation globally.
There are only approximately 50 companies in the United States carrying this leading-edge credential, and 4,100 companies worldwide.
Affinion is the only affinity marketer with this designation in the industry, and shares the certification with such leading international companies as Cardif Pinnacle Card Protection, CPP Group Plc., Accenture (UK) Limited, American Express Services Europe Ltd., First Data International, Lockheed Martin Europe , the Royal Mail , Secure SmartWater Technology Ltd, The Central Office of Information, The Royal Bank of Scotland, The Treasury Solicitor, University of Gloucestershire and the Welsh Assembly Government. U.S. companies and organizations with this designation include Bechtel Corp., Citigroup Technology, EDS, the Federal Reserve Bank of New York and San Francisco , PriceWaterhouseCoopers, Reuters America, Ricoh Electronics, Sun Microsystems, The World Bank Group, UNISYS and Xerox Corp.
"This distinguished re-certification strengthens our position as leaders in information protection not just in our industry, but also beyond into the worldwide business community, setting the pace for best practices globally," said Robert G. Rooney, executive vice president and chief operating officer of Affinion Group. "Protecting our customers and clients is of paramount importance to us, and this designation is affirmation of our efforts."
ISO certification signifies that a company has implemented an information security management system that exceeds the most stringent security standards globally.
"Receiving this certification signals to the world that we proactively make information security a top business and management priority," said Scott vonFischer, chief information security officer for Affinion. "By adopting the highest security standards in the industry we are leading the way as a world-class data security company for our clients, customers and partners."
Affinion International -- which first won the certification in 2005 -- received the re-certification on Feb. 1 . Certification lasts three years, but can only be retained through completion of comprehensive surveillance audits performed by Slough & Portsmouth , the United Kingdom certifying body, every six months.
Key attributes of Affinion's information security management system include:
-- Adoption of best practice across all information security domains -- Effective and efficient risk management -- Establishment of a robust security framework including operation, monitoring, review, maintenance and development -- Management's commitment to continuously comply with security requirements -- Proactive security management, rather than reactive -- continuous evaluation through the Plan, Do, Check, Act (PDCA) model -- Systematic management of incidents with clear and timely escalation paths -- Independent evaluation of the Information Security Management System by external certification auditors -- Ease of understanding -- a published international standardAs the company continues to position itself on the leading-edge of information security in the direct marketing industry, it has established a solid foundation to build best practices in data protection in 2008 and beyond. A key priority in maintaining the highest standards of privacy is to work closely with current and future partners to insure that all information -- either supplied or created through product development -- is treated with the utmost confidentiality, integrity and protection. As part of this commitment, Affinion will leverage its stringent risk management strategies in the design, implementation and maintenance of an advanced information security management system.
Affinion is also dedicated to complying with all regulatory, voluntary and corporate standards, while establishing consistent policies that support its industry-leading information security position around the globe.
About Affinion Group
As a global leader with nearly 35 years of experience, Affinion Group (www.affinion.com) enhances the value of its partners' customer relationships by developing and marketing valuable loyalty, membership, checking account, insurance and other compelling products and services. Leveraging its expertise in product development and targeted marketing, Affinion helps generate significant incremental revenue for more than 5,200 affinity partners worldwide, including many of the largest and most respected companies in financial services, retail, travel, and Internet commerce. Based in Norwalk, Conn., the company has approximately 3,000 employees throughout the United States and in 14 countries across Europe . Affinion holds the prestigious ISO 27001 certification for the highest information security practices, is PCI compliant and Cybertrust certified.
SOURCE Affinion Group
