Page 10 - the SyI Quarterly 13 - (V4)
P. 10

Know your Institute
                         Know your Institute















                         Your Data: Safe in our Hands                                                                                   In Head Office, additional security measures are

                                                                                                                                        provided by myself, the Senior Marketing & PR
                                                                                                                                        Officer. I act as the Gate Keeper to the CRM data
                                                      By: Jade Lapper,                                                                  and monitor and manage access and permissions
                                                                                                                                        to the CRM by allowing or reducing access to
                                        Senior PR, and Marketing Officer                                                                different areas of the system. Thereafter, access
                                                                                                                                        is carefully monitored to restrict some employees
                                                                                                                                        and all Directors from entering the CRM. Security
                                                                                                                                        is further supported by restricting direct or indirect
                                                                                                                                        access; this means that any changes to data and any
                                                                                                                                        amendments that are made, can be tracked by date,
                                                                                                                                        timeline, and the person responsible for making
                                                                                                                                        those changes, thus creating an additional internal
                   In 2020, The Security Institute invested in a                                                                        audit trail.
                   Customer Relationship Management  (CRM)
                   system to provide a secure area for member’s                                                                         I also manage the external entrance to the CRM for
                   data to be held; this required several months of                                                                     the ‘Access Group’ and should there be a system
                   research to find a CRM system that was going                                                                         outage or problem arise, I grant control access to
                   to support The Security Institutes’ expanding                                                                        their IT specialists – again monitoring activity. The
                   membership data, safely and securely.                                                                                length of entrance time is also closely monitored,
                                                                                                                                        meaning that Access only have system control for the
                   We also required a CRM which could track day-                                                                        time limitations set in place, and until their access
                   to-day members activities, engagement, events,                                                                       expires – all of which can be controlled directly by
                   CPD and provided the means to target specific                                                                        myself remotely.
                   demographics for marketing purposes in addition
                   to managing member renewals and payments.  Of                                                                        The Security Institute continues to explore new
                   course, this raised many questions about safety                                                                      products and initiatives to enhance the safety and
                   of data, how it would be stored, accessed and be                                                                     management of member’s information and data.
                   compliant with Data Protection and GDPR and
                   fulfil the Quality Management requirements of
                   ISO 9001:2015 and Cyber Essentials Plus.

                   Several systems were reviewed, different cost
                   models explored and eventually, The Security
                   Institute invested in ‘ThankQ CRM’ by the Access
                   Group. (Now re-branded as Charity CRM). Since
                   the Access Group became a supplier, they have
                   supported the integration of the Professional
                   Development Platform, CV360 and Interview
                   360; providing The Institute with in-built security
                   measures that keep data safe against external
                   threats, losses, and leaks with automatic security
                   updates, software upgrades and backups, plus
                   a GDPR consent portal for supporters. It also
                   complies with the latest UK regulations and
                   conforms to ISO 27001 - the international best
                   practice standard for ‘Data Security’.



                                                              10                                                                                                                        11
   5   6   7   8   9   10   11   12   13   14   15