The Information Security Management System is a set of rules, procedures, guidelines, activities and related resources that KentBank (hereinafter: the Bank) manages in order to protect its information assets and systems. In this way, the Bank achieves a systematic approach to the definition, implementation, operation, monitoring, supervision, maintenance and improvement of information security and protects its fundamental security principles (confidentiality, integrity and availability).
The Information Security Management System is based on the assessment and definition of acceptable risk levels in order to effectively handle and manage the risks arising from the use of information technologies. By applying appropriate management, logical and physical protection measures, the Bank reduces related risks, which contributes to the success of the Information Security Management System.
By establishing the Information Security Management System, the Bank:
- achieves a high level of security by which its information assets are adequately and continuously protected against all forms of threats,
- maintains a structured and comprehensive framework for the identification and assessment of information security risks, the selection and establishment of appropriate measures for their mitigation, and improves the effectiveness of established controls;
- continuously improves its management environment and
- effectively achieves and maintains legal and regulatory compliance
By adopting the Information Security Policy, the KentBank Managing Board established the Information Security Management System and defined the basic principles of information security management. The bank continuously and successfully maintains legal and regulatory compliance with all relevant laws, regulations and norms.