orporate consulting company PT Integrity Indonesia is dedicated to ensuring security for its clients by preventing, detecting and mitigating fraud. Integrity Indonesia recently received the ISO 27001:2013 from certification company Intertek Indonesia, an achievement that stands as a testament to its commitment in maintaining and protecting client data.
The company succeeded in its accreditation bid after two years of enhancing its operations, from preparing its policy documents, boosting its technical competence and improving upkeep of its administrative records.
But its efforts will not stop here: Integrity Indonesia is committed to updating its information security management system (ISMS) for its clients, as well as to maintain its ISO 27001 certification through the annual conduct surveillance audits process.
“The main reason we worked hard to obtain the ISMS certification is responsibility. Responsibility towards our clients, responsibility towards our vendors and responsibility towards our employees,” Integrity Indonesia managing director Edouard Helfand said during the ISO 27001:2013 acceptance ceremony, held on Jan. 18 at the company’s Jakarta headquarters.
“This certification reflects our commitment to following a framework that has been proven to secure company and third-party data and information,” Helfand added.
The ISO 27001:2013 indicates that an organization has the proper tools and facilities to adequately establish, manage and continually improve its ISMS.
Every Monday
Proper information security maintenance and management demonstrates a company’s ability to handle sensitive information within the organization, whether the information belongs to its clients or to the organization.
Integrity Indonesia’s ISO 27001 certification shows that the company has fulfilled information security standards across its range of professional services, including employment background screening, due diligence, whistleblowing system and brand protection, as well as its overall operations.
The company will continue to develop its ISMS to be more robust in order to anticipate new threats amid the rapidly developing digital era.
“Therefore, after this, we will need to prepare all iterations towards the certification process of the latest ISO 27001, version 2022,” Helfand said.
Integrity Indonesia’s previous successes include obtaining the ISO 9001:2015 for a quality management system and the ISO 37001:2016 for anti-bribery management systems in 2021.
These certifications are expected to elevate Integrity Indonesia to a stronger position so it can connect with more clients as it aims to expand its operations in Europe.
Trusted partner in fraud detection, investigation and mitigation
Helfand founded Integrity Indonesia in 2001. The corporate consulting company has since evolved into a renowned consultancy operating in the Indonesian, Thai and Malaysian markets. Throughout its 22 years of service, Integrity Indonesia has employed local experts to solve each case in accordance with the local culture and condition.
While the majority of its client base consists of private companies, Integrity Indonesia has also provided its services to state-owned enterprises (SOEs).
“This year, we are looking forward to working with more governmental bodies, including SOEs. Recently, the sector has been gearing to improve its whistleblowing system,” Helfand said.
One of Integrity Indonesia’s SOE clients is port operator PT Pelabuhan Indonesia (Pelindo), which it provided with a hotline and dashboard through the Canary whistleblowing tool. Integrity Indonesia also provided its investigation services, reporting the results to Pelindo.
To ensure the success of its Canary whistleblowing program, Integrity Indonesia has pledged to protect all whistleblowers, be they employees or members of the public. The Canary program thus offers whistleblowers the option to choose between full disclosure, confidentiality and anonymity as regards their identity.
In terms of handling personal information and other big data, Integrity Indonesia complies with local laws.
“We need to abide by local requirements, including Law No. 11/2008 on electronic information and transactions [UU ITE]. We ask the individuals [whistleblowers] to sign their consent before involving [them] in the investigation process,” Helfand explained.
“However, due diligence is another issue that often needs to be paid attention to, especially with regard to the procurement of goods and services from vendors to avoid fraud, such as gratification from vendors and other loophole abuses in the supply chain,” he said, describing Integrity Indonesia’s path forward.
Regardless, achieving ISO 27001:2013 certification is certain to win the trust of prospective clients, who can rest assured knowing that Integrity Indonesia will not transfer or sell their data to any third parties.
