Corporate Information Security Measures Overview

This document is a guide detailing the information security requirements and measures implemented by Heidrick & Struggles International, Inc. It outlines the corporate information security program, which is led by the Chief Information Security Officer and aligns with ISO 27001 and NIST SP 800-53 frameworks. The document describes various components of the information security program, including policies, personnel security measures, third-party risk management, and network security protocols. It emphasizes the importance of maintaining strict access controls, endpoint device management, application security, and vulnerability management. Additionally, the document covers incident response procedures and business continuity planning to ensure minimal disruption and data loss during security incidents. The comprehensive nature of the security measures aims to protect sensitive data and maintain system integrity across the organization.