The objective posed in every information security policy is that of data protection through a thorough definition of procedures, practices and guidelines for the practical configuration and information security management in the entire corporate environment. The policy therefore defines the organization’s orientation in regard to philosophy and the actual requirements for securing the information assets. Again, the policy outlines its applicability to all stakeholders, the processes and the environments subject thereto.
The consequences for failure to conform to the express terms of the policy must be clearly stated. The benefits to the organization are derived from a successful information security policy. The policy must therefore be …show more content…
The name ‘ZED’ bank therefore have been arbitrary chosen for the purposes of this policy document only
ZED BANK INFORMATION SECURITY POLICY
1. POLICY:
The policy of ZED bank on information security as deemed in this writ, whether in the oral, written, printed or in any other form including electronic recording, shall be protected from unauthorized modification, disclosure or destruction whether accidental or intentional acts of man. This protection shall include the stipulated level of security over the software and the machinery utilized in the actual course of processing, storage and transmission of such information.
2. SCOPE:
The scope of information security includes the protection of the confidentiality, integrity and availability of information.
The framework for managing information security in this policy applies to all ZED bank entities and workers, and other Involved Persons and all Involved Systems throughout ZED bank as defined below in “INFORMATION SECURITY DEFINITIONS”.
This policy and all standards apply to all protected banking information and other classes of protected information in any form as defined below in “INFORMATION