Corporate Sustainability Report - Flipbook - Page 62
Sustainability Report
We ended FY25 with a score of 780, up 20%
on FY24, and which places us in the top 4% of
global computer software industry.
Current Rating
780
300
820
Responsible AI
We are committed to ensuring we develop
and use AI in a responsible and ethical way
that is explainable and understandable, while
managing the risks associated with AI in a
systemic manner.
Access became one of the 昀椀rst companies in
the UK to achieve certi昀椀cation of ISO 42001
(AI Management System guidelines). Our AI
governance framework covers:
•
Ethical AI development and deployment
•
Comprehensive AI risk assessment
•
Transparency and accountability in AI systems
•
Bias detection and mitigation strategies
•
Secure development
Our commitment to security throughout the
product development lifecycle represents a
cornerstone of our cybersecurity strategy.
We follow a comprehensive security-bydesign approach, incorporating automated
threat modelling, continuous vulnerability
assessments across all stages.
Products undergo regular third-party
penetration testing to validate our controls
against emerging threats, while our security
advocates and champions work across
divisions and teams to provide a strategic and
technical view of the security of our products.
Business continuity
Our business continuity framework
demonstrates our commitment to operational
resilience through a structured, enterprisewide approach aligned with leading
international standards (ISO 22301).
Supply risk management
Our supplier security risk management
ensures e昀昀ective management of potential
security risks across the various stages of
supplier engagements covering:
•
Categorisation of the suppliers based on
the nature of the service provided and the
sensitivity of the data involved.
Continuous monitoring of AI model
performance and safety
•
Standardised set of information security
controls as applicable to each category of
supplier.
Security training and awareness
•
Because every employee serves as the 昀椀rst
line of defence in upholding the security of
company and customer assets and data, we
educate, train and raise awareness for all our
employees through:
Due diligence, security risk assessment for
e昀昀ective management of the information
security risks associated with suppliers.
•
Monitoring of suppliers, threat intel tracking
and governance further strengthen supplier
security risk management at Access.
•
Mandatory annual cybersecurity training
•
Monthly phishing simulation exercises
•
Robust internal communication channels for
reporting potential security concerns
•
Review and acknowledgement of cybersecurity
policies
This will be further enhanced through:
•
Personalised learning paths based on rolespeci昀椀c security requirements
62
