CASE STUDY – FEEDBACK ON THE CREST COMPLAINT PROCESS
‘We discussed your report in detail in our Information Security Committee and fed back our thoughts to our Executive Committee, which includes all executive directors. The unanimous view was that your report was fair, accurate and had addressed the major concerns that we had with this project.
We were pleased to see that you agreed a package of sensible controls with our supplier and, based on the information available to us, we believe that these are proportionate and appropriate. As far as we are concerned, the matter is now closed.
Overall, I think that CREST gets a thumbs-up from us for the way that this was addressed. We would obviously have preferred to have never found ourselves in ...