In 2023, CRISIL successfully completed its Information Security certification - ISO27001:2013.
We also treat maintaining confidentiality of client-specific information with utmost importance. Our employees undergo mandatory training on this aspect.
Technical and policy controls in place to ensure confidentiality.
• Data Loss Prevention Mechanism, which monitors emails
• Access control measures through institution of logical and physical firewalls
• Employees are expected to follow protocols under the personal trading policies
• Employees are required to disclose conflicts
• Cadence over information sharing within businesses
CRISIL has a robust privacy framework which includes personal data mapping, privacy impact assessment, privacy policy, training and awareness, data subject requests program and incident management. Privacy by design is central to CRISIL’s privacy framework.
7. Provide the following information relating to data breaches:
a. Number of instances of data breaches: Nil
b. Percentage of data breaches involving personally identifiable information of customers: Nil
c. Impact, if any, of the data breaches: Nil
Leadership Indicators
1. Channels / platforms where information on products and services of the entity can be accessed (provide web link, if available).
Details on products and services offered by CRISIL is available at https://www.crisil.com/en/home/our-product.html
2. Steps taken to inform and educate consumers about safe and responsible usage of products and/or services.
Not applicable considering the nature of CRISIL’s business
3. Mechanisms in place to inform consumers of any risk of disruption/discontinuation of essential services.
Not applicable considering the nature of CRISIL’s business
4. Does the entity display product information on the product over and above what is mandated as per local laws? (Yes/No/Not Applicable. If yes, provide details in brief. Did your entity carry out any survey with regard to consumer satisfaction relating to the major products / services of the entity, significant locations of operation of the entity or the entity as a whole? (Yes/No)
Display on product information is Not Applicable to CRISIL due to the nature of services offered.
CRISIL undertook the Net Promoter Score (NPS) survey across its client base. The NPS system creates a consistent and simplified baseline customer sentiment metric among customers and provides timely insights that are easy to act on.
Additionally, our business development and senior management teams from various businesses engage with customers through periodic meetings, gather project-level feedback and conduct surveys to help us assess our clients’ needs and improve our offerings and service quality. Besides, we emphasis on regular one-on-one interactions with clients and undertake conscious outreach initiatives to clients and investors to understand their perspectives and address their concerns.
In our constant endeavor to engage with our stakeholders, during the year we hosted client engagement events in which CRISIL Board members participated.
                ESG Report 2023 109