These courses are for all employees including remote workers. A perfect score of 100% is required to pass each course respectively. This is for compliance with the ISO 27001 Certification 

Outsourcing and Third Party Access

Remote Working

This course explains our approach to homeworking and homeworking requests by those who work for us.  

We believe there can be real benefits to enabling our staff to work from home, where the full circumstances of our business requirements and individual staff member’s particular situations and roles and responsibilities can accommodate this.


Information Security Course

White Label Crowdfunding Limited (hereinafter referred to as the “Company”) has an extensive and robust Information Security Program that consists of a vast array of policies, procedures, controls, and measures. This Information Security Course is the foundation of this program and ties together all other policies as they relate to information security and data protection. 

The Company Information Security Course covers all aspects of how we identify, secure, manage, use, and dispose of information and physical assets as well as acceptable use protocols, remote access, password, and encryptions. To ensure that the importance of each information security area is not missed or vague, we use separate policies and procedures for each information security area and where applicable, reference these external policies in this document.    

All information security courses, policies, and procedures should be taken, read and referred to in conjunction with each other, as their meaning, controls, and measures often overlap. In addition to our Information Security Program, we utilise the below courses to inform our information security controls: - 

  • Risk Management Course

  • Business Continuity Plan

  • Third Party/Outsourcing Course

  • Due Diligence Course & Questionnaire

  • Data Retention & Erasure Course. 

  • Data Protection Course

 

The Company is committed to preserving the Information Security of all physical, electronic, and intangible information assets across the business, including, but not limited to all operations and activities.  

We aim to provide information and physical security to: - 

  • Protect customer, third party and client data 

  • Preserve the integrity of the Company and our reputation 

  • Comply with legal, statutory, regulatory, and contractual compliance 

  • Ensure business continuity and minimum disruption 

  • Minimise and mitigate business risk 


Firewall Management

White Label Crowdfunding Limited (hereinafter referred to as the “Company”) utilises host based and boundary firewalls to protect its devices, networks, property, staff and customers. We understand the importance of effective protective measures and recognise our obligation to set up such firewalls to enable maximum protection and include effective firewall rules.  

The boundary firewall is essential in mitigating the risks associated with loss or threats to our information and business and we utilise government and expert guidelines and requirements for setting up the rules and parameters that define the firewall. 

We also use host-based firewalls on all devices to ensure a double layered protective approach. This allows for tailored rules and configuration on specific devices and the ability to protect that device and therefore the information it contains or accesses wherever it is used. 


BYOD, Remote Accesss & Working from Home

Asset Management

Asset Management is the process of identifying, classifying, managing, recording, and coordinating WLCF assets (IT and information) to ensure their security and the continued protection of any confidential data they store or give access to. 

Access Controll & Password Management

It is our responsibility to protect and secure our information and systems and we take this function very seriously. We have developed and implemented several physical, logical, and procedural measures and controls to enforce our approach. We understand that it is vital to protect the systems and information held and used by us from unauthorised use or access and are fully aware of how unauthorised access can affect security, personal information, and individuals.