Information Security Management System (ISMS) is a systematic approach adopted to manage the unique and sensitive information and document flow of the CFCU. The main purpose of this system is to protect sensitive and confidential information. Information Security Management System covers the operation process and information technology (IT) systems on information and documents. Information Security Management System is taken into account in all policies, procedures, processes, instructions, and standards prepared within the CFCU.
Within the guidance of ISO 27001:2017 Standard, ISMS assures confidentiality, integrity, and availability of the information and protects it from unauthorized access. The CFCU fulfills the objectives of ISMS by the successful establishment of security awareness all around the institution and contribution of whole personnel. Accordingly, devotion to the due policies and procedures is the obligation of all employees. Furthermore, ISMS is implemented via the execution of tasks by staff assigned to specific roles and workgroups.
Establishing a proper information security management system is also a legal obligation. Therefore, executing such a security process requires elaborate work, utmost attention, and continuous improvement. CFCU is determined to carry out its duties with this understanding.