Information Security Policy
Our commitment
At TwentyfourSevenGroup, information security is the foundation of the trust that brands, agencies, production companies, talent and partners place in us. We treat information —and especially our clients' unreleased audiovisual material and intellectual property— as a critical asset that we protect throughout its entire lifecycle.
Our leadership drives and supports an Information Security Management System (ISMS) aligned with the international standard ISO/IEC 27001:2022. Protecting the confidentiality, integrity and availability of information is the responsibility of everyone who acts on behalf of the Group.
The principles that guide us
Every security decision across the Group is governed by six principles:
twentyfoursevengroup.xyz. We treat all security communications confidentially and welcome responsible disclosure.
- Confidentiality, integrity and availability: we ensure information is accessible only to those who should access it, that it is accurate and reliable, and that it is available when needed.
- Defense in depth: we combine layers of physical, logical, organizational and human controls; no single measure stands alone.
- Least privilege: each person accesses only what is strictly necessary for their work.
- Segregation of duties: we separate who requests, who approves and who performs sensitive operations.
- Traceability: every relevant action on information is logged and attributable.
- Continuous improvement: we review, measure and improve our controls on an ongoing basis.
This policy applies to TwentyfourSevenGroup and all companies within the Group. You can find the full list of Group entities and their contact details here.