Data protection
Raymond Chabot Grant Thornton has implemented governance policies and information security procedures that reflect the changes in cybersecurity best practices.
1. Qualified experts. Raymond Chabot Grant Thornton has a dedicated information security management team with up-to-date security certifications. This team is always in the know regarding the latest cyberthreats and mitigation solutions.
2. Standards and certifications. Information security management at Raymond Chabot Grant Thornton involves complying with the most stringent industry standards and practices. The IT security program is reviewed monthly to counter security risks and reduce threats. More notably, clientAccess has been ISO 27001 certified since 2022, which means that its processes meet the most stringent information security requirements.
3. Ongoing protection of IT assets. The firm’s IT system is protected from all unauthorized access thanks to innovative technology and measures that include, as required, managed incident detection and prevention services.
4. Regular tests. Our specialists regularly carry out network penetration testing to guarantee the resilience of the systems against cyberattacks. This is an effective method of identifying and correcting vulnerabilities.
5. Ongoing training for staff and consultants. Our talent is required to take cybersecurity awareness and training courses at the time of hiring and thereafter on a yearly basis. Multiple phishing simulations are also conducted every year. Users are provided with specific training based on their role within the organization and senior management ensures that the training is put into practice.
6. Partner security analysis. Our third-party and cloud services providers are subject to a detailed security analysis and risk assessment process. Ongoing security monitoring is performed for key external partners.
7. IT security audit. Raymond Chabot Grant Thornton is a member of Grant Thornton International Ltd., which regularly audits the firm. Compliance monitoring based on the world-renowned NIST 800-53 cybersecurity standard was adopted for the needs of Grant Thornton International Ltd. Every year, this organization maintains a high level of compliance, thereby facilitating its global expansion.