Information Security
EMPLOYEE AWARENESS
We are committed to approaching information security from both a technical and personnel standpoint. This is why all of our employees must complete two sessions focusing on information security and internet security once they start their employment with OIP.
INFORMATION CLASSIFICATION
OIP is ISO 27001 certified, and we take that responsibility very seriously. Following ISO standards and industry best practices, our information is stratified into various groups, and provided to users on an “if needed” basis. This ensures that information is available only to those with a need for said information, minimizing information security risks.
RISK ASSESSMENT
As per ISO27001 guidelines, risk assessments are performed routinely for all circumstances and scenarios, old and new, that could impact our business and the operations of our customers.
ACCEPTABLE USE AND ACCESS CONTROL
All of our locations are protected by access cards and state-of-the-art security systems. We take all security risks seriously, starting with physical security. Our priority is to provide a safe space for our employees and a secure location where our clients’ data is accessed. We have strict, detailed procedures that specifically define the conditions in which our employees can access information, regardless of the location.
BUSINESS IMPACT ANALYSIS
We strive to stay prepared for any and all possible risks, especially those that could involve a partial or full stoppage of our operations. Therefore, we conduct frequent Business Impact Analysis to evaluate any negative scenarios and determine ways to counter them. Our Disaster Recovery Plans contain multiple options intended to ensure that OIP will provide uninterrupted services to our clients.
MULTIPLE LOCATIONS
OIP currently operates from multiple locations, providing the diversification needed to seamlessly support our clients.