Securing our clients’ data
At BDO we acknowledge the importance of data security and privacy. We continuously focus on securing our clients’ data and have established routines for these purposes.
Data requirements
At BDO we are continuously focusing on improving the quality of the audits, and we wish to use data analysis for this purpose. Automatically processed transactions make it possible to focus even more on the complex areas with the highest auditing risk. In this case, the data analysis will facilitate audits with improved customer value.
Information security at BDO
At BDO we acknowledge the importance of information security, to secure our clients’ data we have implemented routines to ensure confidentiality and integrity. Our network, servers and the rest of our infrastructure is operated by a professional supplier. This gives us access to more than 200 IT-experts specialized on a wide range of disciplines.
In our services both information security and compliance are central, and the platform we use are subject to strict safety requirements. The services are certified according to ISO 27001 and ISO 9001. This means that BDO’s and our clients’ data is secured by custom-built data center modules with surveillance, strict access controls, video surveillance, multi-layered physical barriers and physical security.
BDO has its own Computer Emergency Response Team (CERT) which helps clients protect digital assets and detect and respond to security incidents. BDO’s CERT continuously surveil our own network traffic and perform penetration tests on our infrastructure.
Secure data collection
Data collection between the client and BDO is done through one of our collaboration solutions (encrypted email, FileMail or BDO Client Portal) or directly from cloud service providers. The method of data collection will depend on the client’s solutions and what kind of services the client make use of. Our collaboration solutions facilitate encrypted transfer of data.
When data is collected from the client’s cloud solutions, the data will be securely retracted using methods approved by the system supplier. Automatically transfer of data from the client’s cloud solution is done encrypted as a part of the same routine.
Independent of the method used for data collection, BDO has routines to secure the confidentiality and integrity of the data collected.
Secure data storage at BDO
Row-level access control in the database will secure that data which is safely uploaded to BDO’s data warehouse can only be accessed by the project team members.
BDO and the use of clients’ data
We will only use our clients’ data for the purposes that are agreed upon with the client. We will not under any circumstances give others directly access to our clients’ data..