Information Security Policy Statement
Brief description of SuperEd and our operations
SuperEd’s vision is to improve the financial wellbeing of all Australians.
SuperEd owns and operates the Retirement Essentials and Clover.com.au service to help all Australians improve their financial wellbeing through affordable online advice and entitlement solutions. SuperEd is building Australia’s next generation digital services and brings forecasting, education and coaching, planning, advice and personal investment management back into our customers hands.
SuperEd’s core solution is designed to engage members into a personal and relevant learning and advice pathway that ensures all interactions help to improve their understanding of their financial wellbeing and how to improve it.
- The Clover product provides asset management services.
- The Retirement Essentials solution is designed to assist senior Australians access their Centrelink entitlements.
The SuperEd Management team which has broad and extensive financial services, technology and project management expertise. We have teams located in Sydney and Melbourne.
Importance of Information Security
The security of information in all its forms is of the utmost importance to SuperEd’s board of directors, management team and all employees.
We acknowledge that as an organisation, we can minimise information security risks by:
- Developing and maintaining a robust Information Security Management System and monitoring its operation
- Ensuring system access controls are established and monitored
- Communicate the roles and responsibilities in terms of information security to new and existing employees, including making them aware of the consequences of no-compliance.
Our security strategy is designed to minimise the need for employees to have access to sensitive and personal information other than during Disaster Recovery tests and scenarios.
Our policies are intended to give confidence to all interested parties that security risks & issues are adequately managed. We strive to continually improve our Information Management System’s performance within the business.
In order to achieve this, the following information security objectives have been established:
- Strategic and operational information security risks is understood and treated to be acceptable to SuperEd’s board of directors, management team and all employees
- The confidentiality of client information, product development and marketing plans is protected
- The integrity of company records is preserved
- Public web services and internal networks meet specified availability standards
To achieve these objectives, we shall act to:
- Communicate this policy to all existing employees and to new employees upon commencement
- Comply with all legislative and other requirements which are relevant to SuperEd (including those required under our Australian Financial Services Licence)
- Make our commitment to information security and confidentiality visible to all interested parties
- Maintaining a Management System which meets the requirements of ISO 27001:2013.
This policy, together with the objectives and targets set, will be reviewed on an annual basis to ensure that it remains relevant and suitable to be operations of SuperEd.
14 January 2021