Information Security

Overview

Information and systems are considered valuable Quantexa assets which require protection against varying types of internal and external security risks. These risks have the potential to threaten the confidentiality, integrity, and availability of Quantexa assets.

Quantexa is committed to promoting effective controls across the range of information, technical, personnel, and physical security to maintain the confidentiality of our and our client’s data. We maintain and protect all the information we use or store in a manner that is consistent with our relevant professional, ethical, legal, regulatory, and contractual requirements.

The Quantexa Board and the Senior Management Team, who are represented by the Head of Information Security and the Information Security Steering Group (“ISSG”), fully endorse, and support all Information Security policies, standards, guidelines, processes, and procedures which are expected to be adhered to. Prescribed controls are implemented throughout the organization supporting the continuous review and improvement of the Information Security Management System (“ISMS”).

Our accreditations

Our commitment to our clients

To reinforce our commitment to Information Security, Quantexa meets and exceeds the ISO/IEC 27001 standard requirements and has been certified since March 2018. Our framework is regularly assessed to ensure the highest possible level of compliance from an independent external audit.

As an Independent Software Vendor (“ISV”), our software is built to modern security industry standards to meet our client’s needs and most requirements covering global geographic and regulatory jurisdictions. Our security approach focuses on security by design, security governance, risk management and compliance. Our software is developed within secure build environments to protect the integrity of the products supplied to our clients. We adopt where possible industry best practices across all our own cloud environments, including encryption for data at rest and in transit, network security and hardening, enhanced access control, system monitoring, logging, and alerting, and more.

Information Security is at the core of our culture. We ensure that we educate our people and regularly refresh their knowledge so they each have a clear understanding of our expectations, and of the changing nature of the threats to the security of our information.

The ISMS is achieved using various controls that are set out within the various policies, standards, guidelines, processes, and procedures. Conforming with these controls is critical in ensuring that Quantexa meets all its obligations to its stakeholders and clients.

These controls are continually monitored, reviewed, and improved upon to ensure that security and business objectives are met. This is operated in conjunction with other business management processes and incorporates the applicable statutory and contractual requirements.

Quantexa regards information and systems as valuable assets that require protection against a range of internal and external security risks. These risks have the potential to threaten the confidentiality, integrity, and availability of Quantexa's assets. 

To ensure the confidentiality of our clients' and our own data, Quantexa is committed to implementing effective controls across information, technical, personnel, and physical security. We handle and safeguard all information we use or store in a manner that is consistent with our relevant professional, ethical, legal, regulatory, and contractual obligations. 

The Head of Information Security and the Information Security Steering Group (ISSG) represent the Senior Management Team and the Quantexa Board, fully endorsing and supporting all Information Security policies, standards, guidelines, processes, and procedures expected to be followed. Prescribed controls are implemented throughout the organization, supporting the continuous review and improvement of the Information Security Management System (ISMS). 

Quantexa is fully committed to maintaining the highest levels of information security for our clients. We exceed the requirements of ISO/IEC 27001:2013 and that of AICPA SOC 2. Our security framework is regularly audited by independent external parties to ensure the utmost compliance. 

As an Independent Software Vendor (ISV), we build our software to meet modern security industry standards and our clients' needs, covering global regulatory and geographic jurisdictions. Our security approach emphasises security by design, security governance, risk management, and compliance. We develop our software within secure build environments to safeguard the integrity of the products we supply to our clients. We also follow industry best practices across all our cloud environments, including encryption for data at rest and in transit, network security and hardening, access control, system monitoring, logging, alerting, and more. 

Information Security is a core part of our company culture, and we provide regular education and training to our employees to ensure they understand our expectations and the evolving nature of security threats. 

Our ISMS is achieved through various controls set out in policies, standards, guidelines, processes, and procedures. Compliance with these controls is essential in meeting our obligations to our stakeholders and clients. We continually monitor, review, and improve these controls to ensure we meet our security and business objectives, in accordance with statutory and contractual requirements. 

For further information, please review our Information Security Policy, and if you have any questions regarding information security, please contact the security team by completing the form below.

Non-owned Quantexa related domains

Fraudsters can set up website domain names which are confusingly similar to real domains, in order to try to fool clients into thinking they are corresponding with a genuine Quantexa email address or domain. Here is a list of non-owned Quantexa domains: