IBA has implemented appropriate technical and organisational measures to ensure a high level of security. These security measures are described in detail in the Data Processing Agreement, signed with each of our customers.

To ensure the security measures is followed, IBA has implemented the following security policies and procedures:

  • Rules of Conduct
  • Information Security Policy
  • Data Classification Policy
  • Asset Control Policy
  • Backup Policy
  • Key Management Policy
  • Log Policy
  • Server and Network Monitoring Policy
  • IBSuite – Encryption of Data at Rest
  • IBSuite – Transport Level Security
  • Incident Response Procedure (available on request)

Please note, that some of the policies and procedures are not available for download, as they contain sensitive information. If you would like to review them, please send an email to legal@ibapplications.com.

To ensure that we also follow these policies, we each year get an auditor’s statement prepared according to the ISAE 3402 standard. The latest statement can be found here:

ISAE 3402 Insurance Business Applications 2017