Entity’s Senior Management assigns the role of Information Security Officer who is delegated the responsibility of planning, assessing, implementing and reviewing the internal control environment.
profile_icon
| Sep 07, 2023
Entity performs a formal vendor risk assessment exercise annually, as detailed out in the Risk Assessment and Management Policy, to identify vendors that are critical to the systems’ security commitments and requirements
profile_icon
| Sep 07, 2023
Entity considers the potential for fraud when assessing risks. This is an entry in the risk matrix.
profile_icon
| Sep 07, 2023
Entity maintains an Organizational Structure to define authorities, facilitate information flow and establish responsibilities
profile_icon
| Sep 07, 2023
Each risk is assessed and given a risk score in relation to the likelihood of it occurring and the potential impact on the security, availability and confidentiality of the Company platform. Risks are mapped to mitigating factors that address some or all of the risk.
profile_icon
| Sep 07, 2023
Entity performs a formal risk assessment exercise annually, as detailed out in the Risk Assessment and Management Policy, to identify threats that could impair systems’ security commitments and requirements
profile_icon
| Sep 07, 2023