With a commitment to security by design, our products are built with your safety in mind. We prioritize secure data handling and ensure high resilience. Our top-down governance and security mindset are ingrained in our DNA. We continuously assess threat vectors and calibrate our security measures to adapt to the evolving business and technology landscape.
The Information Security Committee (ISC), consisting of executive leadership members, spearheads the agenda and practices of information security and data privacy.
Ensure that the information security roadmap is meticulously designed, taking into account customer, regulatory, and contractual obligations, and is adeptly adapted to address both internal and external threat vectors.
Each quarter, the ISC evaluates information security endeavors, projects, and the prevailing security stance, offering guidance on the course and addressing any impediments encountered.
The ISC guarantees that sufficient expertise
is accessible for every information security endeavor, drawing upon the insights of security experts from both internal and external avenues.
Ensure that sufficient personnel and financial resources are allocated to diverse initiatives to ensure effective implementation.
Governance that is comprehensive, transparent, and prioritizes risk management and customer-centric.
A specialized team of information security professionals, including GRC specialists, Security Architects, Application and Cloud Security Engineers, Security Operations Specialists, and Security Advisors, manages information security responsibilities. This information security unit reports to the Head of Information Security (CISO), tasked with safeguarding Mad Street Den’s data and systems against cyber threats.
The information security unit conducts annual and continuous assessments of security risks, particularly during significant changes. Key sources considered for risk management encompass audit results, incident reports, evolving threat scenarios, and shifts in contractual or regulatory requirements.
Tasked with ensuring compliance of information security standards within the application architecture and technological environment. Routine application security evaluations, including Code reviews, Vulnerability Assessment, and Penetration Testing (VAPT), are conducted both internally and by certified external entities.
Mad Street Den conducts risk-driven audits of its products, procedures, and suppliers, ensuring that each undergoes an audit at least annually. Audit outcomes are directly communicated to the ISC, with the Information Security unit overseeing and reporting the resolution process until completion.
Additionally, Mad Street Den undergoes independent assessments for ISO 27001, SOC 2, and other standards at least once per year.
Policies and procedures aligned with ISO 27001:2013 criteria are established and subject to routine audits. These processes undergo annual reviews, with any modifications communicated
to the pertinent staff members.
Guidelines for the proper management of data, encompassing all forms of personal information, are conveyed to all employees during their Mad Street Den orientation. Moreover, any updates to these guidelines are promptly communicated upon implementation, and an annual training refresher is provided to all staff members.
Upon joining Mad Street Den, every employee commits to a data confidentiality agreement, encompassing all information, including client data, they encounter. Furthermore, Mad Street Den enters into confidentiality agreements and appropriate service contracts with all its vendors or sub-processors.
Our Code of Conduct delineates the fundamental rules and ethical standards that each Mad Street Den employee is anticipated to uphold wholeheartedly. These foundational principles of proper behavior apply uniformly across our organization. The code outlines our core values, duties, and ethical commitments, serving as a compass for our staff when navigating complex ethical dilemmas in business – always prioritizing integrity.
At Mad Street Den, we hold our organizational culture in high regard and address any discrepancies earnestly. Employees are urged to report any breaches without hesitation.