Corporate Sustainability Report - Flipbook - Page 63
Sustainability Report
Looking forward
We remain committed to evolving our
cybersecurity approach. We view digital
security not as a cost centre, but as a
critical enabler of trust, innovation, and
sustainable business growth.
Our journey in cybersecurity is
continuous, adaptive, and fundamentally
aligned with our core values of
protecting our stakeholders, maintaining
trust, and creating long-term value.
DATA PRIVACY
Our approach
At Access, we recognise that lawful data
processing and robust privacy practices are
fundamental to our business ethics and
governance framework.
During FY25 our data protection team focused
on providing expert guidance and support
across the organisation to ensure compliant
data handling practices.
We strengthened our advisory capabilities
while preparing for emerging challenges,
particularly in relation to navigating the
complex landscape of global privacy
regulations.
Progress and achievements
We made signi昀椀cant strides in enhancing our
data protection capabilities:
Global certi昀椀cation – we maintain ISO27701
certi昀椀cation across all three of our global
operations centres (United Kingdom,
Romania and Malaysia), demonstrating
our commitment to privacy information
management. This certi昀椀cation framework is
applied consistently throughout our global
operations.
Dedicated expertise – our specialised data
protection team provides comprehensive
oversight and guidance across the group. This
team works in close collaboration with other
functions such as cybersecurity, compliance
and legal to ensure a holistic approach to data
protection and privacy.
Targeted training programme – we
implemented mandatory data protection
eLearning for all employees, supplemented
by specialised modules for teams with speci昀椀c
data handling responsibilities. For example,
our sales and marketing personnel completed
additional targeted training to address the
unique privacy considerations that come with
marketing.
M&A integration excellence – as M&A forms
part of our DNA, we maintain a dedicated
M&A data protection lead. This specialised role
ensures that newly acquired businesses are
integrated e昀케ciently into our data protection
framework, while e昀昀ectively managing
transition risks.
GRC tooling implementation – we
introduced a dedicated governance, risk
and compliance platform, OneTrust, which
automates and streamlines privacy rights
management, enhancing our ability to
respond to data subject requests e昀케ciently.
63
