Trust

Cyber Security & Compliance

We know how important trust and transparency is to a partnership. That’s why we’ve outlined below the various processes we have implemented to mitigate and reduce risk.
trust-header
Cyber Security

Cyber Security

In our increasingly digital world, it is imperative that your suppiers do everything possible to protect your data from cyber threats. proSapient follows the ISO27001 framework for information security, taking a pro-active approach to mitigating risk.

Group 5525 (1) cyber-security cyber-security cyber-security cyber-security cyber-security cyber-security cyber-security cyber-security cyber-security
ISO27001

We manage internal information security under the principles of ISO27001. We have successfully received our ISO27001 certification. You can verify the validity of our ISO certificate by entering our certificate number 236177 via this link.

SOC II

Our platform and all associated data is stored securely in a secure cloud environment governed by SOC II complaince.

Penetration testing

We conduct regular penetration tests with high quality third parties to ensure our products provide maximum protection against cyber threats.

Vulnerability Scanning

We scan our code for vulnerabilities as part of our CI/CD pipeline.

Cloud or on-premise

Our platform can be deployed as a cloud instance or on-premise.

Continuous training

Our colleagues are continuously trained on the importance of informational security. Modules include phishing training as well as secure software development

Encryption

Our RDS encrypted DB instances use the industry leading AES-256 encryption algorithm to encrypt your data. For an additional layer of security, all critical data is subject to an additional layer of encryption (column level).

End-point security

proSapient uses a collection of security measures that create an umbrella of protection including Mimecast as well as the Microsoft suite.

Database access

Production database access is prohibited by our engineering team

Information Security System

We pro-actively assess every internal and third party system for risks (around confidentiality, integrity and availability). Any potential risks are documented and mitigated through corrective action and incremental audits.

Compliance

Group 5789 (1)

 

Industry-leading compliance framework

proSapient places Compliance at the core of its culture. We operate at the highest legal and ethical standards, with a dedicated team of compliance specialists to support our clients, employees and experts.

Compliance controls

Overarching Controls

Regular employee Compliance training, including modules in:

  1. Core Compliance
  2. Client Services Compliance
  3. Manager-level training
  4. GDPR training
  5. Compliance advisory services
  6. Code of Ethics
  7. Internal Compliance resources
  1. Compliance Manual
  2. Expert Compliance training
  3. Expert & Client T&Cs
  4. Compliance monitoring plan, process, reporting and remediation
  5. Quarterly investigative deep dives
  6. Annual Compliance Risk Assessment
COMPLIANCE RISK RISK-SPECIFIC CONTROLS
Breach of Client Compliance Rules

Client Compliance section on the platform to input specific requirements.

Technical platform controls including Compliance screening and questionnaires.

Disclosure of Material Non-Public Information Confidential information and insider trading policy and process
Insider Trading & Tipping Personal account dealing policy and process
Fraud Internal investigations process
Disclosure of Confidential Information Confidential information and insider trading policy and process
Disclosure of Trade Secrets Confidential information and insider trading policy and process
Bribery and Corruption

Anti-bribery and corruption policy

Gifts and entertainment policy and process

Money Laundering and Terrorist Financing

Anti-money laundering policy

Money Laundering Reporting Officer

Facilitation of Tax Evasion Anti-facilitation of tax evasion policy
Failure to Report Improper Activity (Whistleblowing) Whistleblowing policy and process
Regulatory Investigation Our Compliance Framework
Modern Slavery Modern slavery prevention policy

 

Read more

We're here for you

If you have additional queries or would like to speak in more detail about our compliance and cyber policies, get in touch.

Have a compliance question?