Affinion Group Awarded Prestigious Information Security Certification

Jan. 10, 2008

NORWALK, Conn., Jan. 10 /PRNewswire/ -- Affinion Group, a leading global affinity marketer, has been awarded the prestigious ISO 27001 certification, the highest international standard for information security management globally. There are only approximately 50 companies in the United States carrying this leading-edge credential, and 4,100 companies worldwide.

Affinion is the only affinity marketer with this designation in the industry, and shares the certification with such leading U.S. companies and organizations as Bechtel Corp., Citigroup Technology, EDS, the Federal Reserve Bank of New York and San Francisco , PriceWaterhouseCoopers, Reuters America, Ricoh Electronics, Sun Microsystems, The World Bank Group, UNISYS and Xerox Corp.

"This certification reaffirms Affinion's longstanding commitment to establishing ourselves as leaders in information protection as we continuously seek to raise the bar for the practices in our industry," said Robert G. Rooney, executive vice president and chief operating officer of Affinion Group. "We place the utmost priority on the protection of our customers and our clients, and taking this step demonstrates how important this is to us."

ISO certification signifies that a company has implemented an information security management system that exceeds the most stringent security standards globally.

"Receiving this certification signals to the world that we proactively make information security a top business and management priority," said Scott vonFischer, chief information security officer for Affinion. "By adopting the highest security standards in the industry we are leading the way as a world-class data security company for our clients, customers and partners."

Affinion received the certification on Dec. 12 . Certification lasts three years, but can only be retained through completion of comprehensive surveillance audits performed by BSI Americas, the certifying body, every six months.

Key attributes of Affinion's information security management system include:

-- Adoption of best practice across all information security domains -- Effective and efficient risk management -- Establishment of a robust security framework including operation, monitoring, review, maintenance and development -- Management's commitment to continuously comply with security requirements -- Proactive security management, rather than reactive -- continuous evaluation through the Plan, Do, Check, Act (PDCA) model -- Systematic management of incidents with clear and timely escalation paths -- Independent evaluation of the Information Security Management System by external certification auditors -- Ease of understanding -- a published international standard.

As the company continues to position itself on the leading-edge of information security in the direct marketing industry, it has established a solid foundation to build best practices in data protection in 2008 and beyond. A key priority in maintaining the highest standards of privacy is to work closely with current and future partners to insure that all information -- either supplied or created through product development -- is treated with the utmost confidentiality, integrity and protection. As part of this commitment, Affinion will leverage its stringent risk management strategies in the design, implementation and maintenance of an advanced information security management system.

Affinion is also dedicated to complying with all regulatory, voluntary and corporate standards, while establishing consistent policies that support its industry-leading information security position around the globe.

About Affinion Group

As a global leader with nearly 35 years of experience, Affinion Group ( enhances the value of its partners' customer relationships by developing and marketing valuable loyalty, membership, checking account, insurance and other compelling products and services. Leveraging its expertise in product development and targeted marketing, Affinion helps generate significant incremental revenue for more than 5,200 affinity partners worldwide, including many of the largest and most respected companies in financial services, retail, travel, and Internet commerce. Based in Norwalk, Conn., the company has approximately 3,000 employees throughout the United States and in 14 countries across Europe . Affinion holds the prestigious ISO 27001 certification for the highest information security practices, is PCI compliant and Cybertrust certified.

SOURCE Affinion Group

Copyright © 2007 PR Newswire Association LLC. All Rights Reserved.