Information Security Policy
The Kingdom Bank Information Security Policy
The Kingdom Bank Corporation is aware that confidentiality, integrity and accessibility of information in all forms play a critical role in its sustainable success and good governance practices and that failure to ensure information security at an adequate level will increase the risk of reputational loss as well as financial losses.
This information security policy summarizes the The Kingdom Bank Corporation Information Security management approach, as well as sets out the guiding principles and responsibilities required for the protection of information systems security.
The Kingdom Bank Corporation management undertakes the establishment, implementation, operation, monitoring, review, maintenance and continuous improvement of the Information Security Management System in accordance with TS ISO / IEC 27001 Standard in order to ensure the confidentiality, integrity and accessibility of the information it is obliged to protect.
In our company providing Banking Services:
- To follow the current cyber threats related to the activities we carry out with the "zero day" logic, to comply with the terms and legal requirements arising from the contracts,
- To ensure that the activities are carried out in an effective, correct, fast and safe manner, to carry out our activities in accordance with the standards required by the sector,
- To provide the required resources for the Information Security Management System’s continuously improvement,
- To carry out our activities with the awareness of the risks on confidentiality, accessibility and integrity in accessing all kinds of corporate and personal information assets belonging to our company, customers, employees, suppliers and business partners,
- To make the information security management system and information security awareness a corporate culture,
- To ensure the preparation, implementation and testing of the necessary plans to ensure business continuity and service continuity,
- Ensuring that risks to our information assets and processes are assessed and processed in accordance with accepted risk management methodologies,
- We are committed to all our stakeholders to be in contact with special interest groups in order to benefit from the developing technologies and knowledge in our sector where we offer software development services.