Talk to us online

INFORMATION SECURITY POLICY




1.0 INTRODUCTION


Information is one of Unitrust Insurance Company Limited (herein referred to as Unitrust) most valuable asset. It is therefore important that the organization’s information and its related technologies are jealously guarded, protected, and secured thereby managing organizational risk to ensure sustainability and profitability.


2.0 PURPOSE


The purpose of this policy is to ensure that Unitrust has a secured operating environment for its business operations. Information and information systems are recognized as an asset and are managed accordingly to ensure their integrity, security, and availability.


3.0 SCOPE


This Information Security Policy applies to all Unitrust's staff, consultants, contractors and any third party with access to Unitrust information assets.


4.0 POLICY


Unitrust is committed to the security of her information assets and shall implement measures through the establishment, implementation, maintenance and continual improvement of information security processes and controls to protect the organization’s information assets against all threats.


This policy requires:



  1. The confidentiality, integrity and availability of Unitrust information assets will be assured and maintained.

  2. Information assets will be protected against unauthorized access.

  3. Compliance with applicable legislative and regulatory requirements in the usage of information assets


This Information Security Policy states the management commitment and sets out the approach to the protection of Unitrust information assets against all internal, external, deliberate, or accidental threats.


5.0 OBJECTIVES


Based on the requirements and factors set out in this document, the following major objectives are set for information security:



  1. Objective 1 - Protect 100% of customers' confidential information, as well as the integrity, and availability of Unitrust's information assets.

  2. Objective 2 - Improve information security awareness culture across the Unitrust by 100%.

  3. Objective 3- Provide assurance of information systems resilience- 99.6% availability

  4. Objective 4- Ensure 95% percent compliance with Unitrust Insurance Co. Ltd contractual, regulatory, and legal requirements.


The success of the ISMS will be judged on its ability to meet these overall objectives.


INCIDENT REPORTING


If any employee or third-party personnel is aware of an information security incident, then they must report it through the designated email (infosec@unitrustinsurance.com) for incident reporting.


6.0 RESPONSIBILITY


All parties who require access to Unitrust information and associated assets will comply to and ensure that this policy is adhered to.

We use cookies to give you the best possible online experience. If you continue, we’ll assume you are happy for your web browser to receive all cookies from our website. See our cookie policy for more information on cookies and how to manage them.