Building systems and processes

Dedicated compliance and information security teams in both the UK and US are responsible for covering all of the countries in which we operate. These teams strive to ensure that all systems and processes meet the full requirements of the law, and have overall responsibility for ensuring a culture of awareness and compliance within the business. They work closely with experts based within each business unit to put appropriate information security controls in place and work within industry best practice.

Experian’s managers, in general, are responsible for implementing, enforcing and supporting the policies and standards surrounding Information Security. All employees, contractors and third party suppliers are subject to confidentiality agreements and are therefore responsible for complying with data protection policies. Experian’s controls are regularly audited internally, externally and by clients. In the UK, Experian is also certified to ISO/IEC 27001 for one of its critical information security operations.