Clients and individuals rightfully demand accountability from any organisation handling their personal and confidential data.

We understand the importance of taking appropriate steps to safeguard information and are committed to protecting information relating to our clients and to our people.

Our ‘Protecting Your Information’ document summarises our approach to information security and business resilience.

We have developed and implemented a comprehensive information security and business resilience framework aligned to industry best practices such as ISO/IEC 27001:2017 the International Standard for Information Security Management Systems (ISMS), IT Infrastructure Library (ITIL) for IT Service Management and ISO22301:2012 for Business Continuity Management Systems (BCMS).

Download PDF

We take a multi-layered, defence-in-depth, approach to protecting the data we have responsibility for, this includes physical, procedural, personnel and technical security to protect confidentiality, integrity and availability of information and services.

This is delivered through our Security Delivery Model which is focused on four workstreams:

  • Defend and Prevent
  • Hunt and Detect
  • Respond and Recover
  • Governance

More details are contained within the  ‘Protecting Your Information’ document. 

If you have any specific questions or would like additional information on the measures that we take to protect your information, then please contact your nominated Vistra Relationship Manager.