Entity uses Sprinto, a continuous monitoring system, to track and report the health of the information security program to the Information Security Officer and other stakeholders
profile_icon
| Sep 07, 2023
Entity’s Senior Management assigns the role of Information Security Officer who is delegated the responsibility of planning, assessing, implementing and reviewing the internal control environment.
profile_icon
| Sep 07, 2023
Entity performs a formal vendor risk assessment exercise annually, as detailed out in the Risk Assessment and Management Policy, to identify vendors that are critical to the systems’ security commitments and requirements
profile_icon
| Sep 07, 2023
Entity considers the potential for fraud when assessing risks. This is an entry in the risk matrix.
profile_icon
| Sep 07, 2023
Entity maintains an Organizational Structure to define authorities, facilitate information flow and establish responsibilities
profile_icon
| Sep 07, 2023
Each risk is assessed and given a risk score in relation to the likelihood of it occurring and the potential impact on the security, availability and confidentiality of the Company platform. Risks are mapped to mitigating factors that address some or all of the risk.
profile_icon
| Sep 07, 2023