Information Security
Strategy

Information security strategy

The Bank follows and applies the highest standards of information security to maintain the confidentiality, accuracy and availability of information. This information is available in many forms, including printed, written on paper, stored electronically, transmitted through the mail or through the use of electronic means, contained in presentations, or exchanged verbally in conversations. The bank relies a lot on computer systems to save, process and manage customer data and information. Therefore, the Bank is keen to protect it appropriately in accordance with security controls and optimal applications for information security, regardless of the form it takes, or the means that are used to exchange or save it, because it is a valuable asset that must be treated in this way in any form.

The Bank also believes that information and data are very important valuable assets that must be protected to ensure the provision of reliable services to customers. Therefore, the Bank's management aims to protect this information and data by applying appropriate controls to the Bank's systems, conducting the necessary tests and monitoring them on an ongoing basis to achieve the necessary protection for important information from potential risks that may negatively affect the Bank's work mechanisms or its reputation.


The bank also set goals to enhance information security to ensure the continuation of providing all services to beneficiaries in a secure manner, in line with Basic Cyber ​​Security Controls (ECC-1: 2018)  
  

Constant Improvement:

تThe Bank's management carries out continuous improvement of the information security management system, through which, the effectiveness of security controls is maintained and improved. Key performance indicators have also been developed and used to measure the effectiveness of the information security management system and its controls. The Bank also conducts a review of information security management policies at least annually or when significant changes occur to ensure the suitability, efficiency, effectiveness and development of frameworks in line with the issued regulations and legislation such as Basic Cyber ​​Security Controls (ECC-1: 2018) .
 
If you have any inquiries about the information security strategy, you can contact the portal management via the page Communication channels ​.
  

التشريعات ذات الصلة:

Electronic transaction system: Communications and Information Technology Commission
Anti-informatics crime system: Communications and Information Technology Commission
Basic controls of cyber security: The National Cyber ​​Security Authority