AAT, the professional body for accounting technicians has taken a forward thinking approach to information security with the implementation of MetaCompliance software.
With a global marketplace and over 125,000 members, AAT is the UK’s leading qualification and membership body for vocational accountants with a platform of members represented at every level of the finance and accounting world. This is inclusive of students, people employed in accountancy and self-employed business owners. AAT is similar to many MetaCompliance clients requiring compliance management systems to assist with a relentless volume of valuable data and information which now exists in business across all sectors.
AAT recognsied the need to enhance their information security management system (ISMS) following a data security audit which, according to Information Security Manager David Smith, highlighted that the organisation “lacked a system of verification and acceptance of policies across the organisation, and that a policy enforcement tool was required to address this shortcoming”.
As a result, after vendor assessment, ATT selected the MetaCompliance Enforcement module to meet the needs of the organisation. According to David Smith, “the functionality of the software would address any critical knowledge gaps and an audit could be retained of all security policies, surveys and results including testing staff on AAT’s other policies like brand awareness or organisational values”.
MetaCompliance provides solutions to ensure organisations meet compliance awareness levels for all staff through encouraging participation and engagement. It was however, certain key features that were critical for AAT. Commenting on this, David Smith said; “features included a bank of questions for surveys to avoid copying answers, and the timing of surveys and announcements could be staggered and targeted at a very granular level. The best feature is the deadline date which ensures that the MetaCompliance policy delivery cannot be avoided by staff and the only way to get around a survey is to complete it”.
MetaCompliance recognise the participation of staff as vital in the protection of organisations from information security breaches.
Speaking for Metacompliance, Managing Director Judith O’Brien stated “ATT are among a growing number of organisations that are taking the human element of their data protection seriously. Not only can they target key information asset owners, but they can automate the effort of taking the whole organisation to a higher level of data Security readiness. Thus protecting themselves better”.