Information Security Policy handles sensitive cardholder information daily. Sensitive Information must have adequate safeguards in place to protect the cardholder data, cardholder privacy, and to ensure compliance with various regulations, along with guarding the future of the organisation. commits to respecting the privacy of all its customers and to protecting any customer data from outside parties. To this end management are committed to maintaining a secure environment in which to process cardholder information so that we can meet these promises.

Employees handling sensitive cardholder data should ensure:

  •          Handle Company and cardholder information in a manner that fits with their sensitivity and classification.
  •          Limit personal use of information and telecommunication systems and ensure it doesn’t interfere with your job performance.
  • reserves the right to monitor, access, review, audit, copy, store, or delete any electronic communications, equipment, systems and network traffic for any purpose.
  •          Do not use e-mail, internet and other Company resources to engage in any action that is offensive, threatening, discriminatory, defamatory, slanderous, pornographic, obscene, harassing or illegal.
  •          Do not disclose personnel information unless authorised.
  •          Protect sensitive cardholder information.
  •          Keep passwords and accounts secure.
  •          Request approval from management prior to establishing any new software or hardware, third party connections, etc.
  •          Do not install unauthorised software or hardware, including modems and wireless access unless you have explicit management approval.
  •          Always leave desks clear of sensitive cardholder data and lock computer screens when unattended.
  •          Information security incidents must be reported, without delay, to the individual responsible for incident response locally – Please find out who this is.

We each have a responsibility for ensuring our company’s systems and data are protected from unauthorised access and improper use. If you are unclear about any of the policies detailed herein you should seek advice and guidance from your line manager.