LogoLogo
v2018-04
Current Versionv2018-04v2019-09v2019-11v2020-03v2020-05v2020-08v2021-01v2021-07v2021-10
v2018-04
Current Versionv2018-04v2019-09v2019-11v2020-03v2020-05v2020-08v2021-01v2021-07v2021-10
  • Welcome
  • FundApps Policies
    • Technical & Platform Overview
    • Software Development
    • Risk Management
      • Risk Management Framework
      • Information Asset Register
      • Information Systems Register
      • Data Classification
    • Information Security
      • Employee Guide
      • Information Security Framework
      • Security Awareness Program
      • Incident Response Policy
      • Privacy Policy
      • Social Media Policy
      • Access Control
      • Vulnerability Management
      • Information Security Risk Register
    • Business Continuity
      • Business Continuity Framework
      • Business Continuity Risk Register
      • Business Continuity Plan
    • Personnel & Security
      • Overview
      • Code of Conduct
      • Health and Safety
      • Third party vendors
  • Frequently Asked Questions
    • Untitled
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. FundApps Policies
  2. Information Security

Security Awareness Program

FundApps management believe that embedding security into the culture of FundApps is critical to the success of our information security program, and as such this is a management priority.

We have the following in place to achieve this:

  • New starter survey to set the tone for those who join our organization, followed up by IT security survey a month later to raise awareness of our approach including staff security policies, data classification and our BYOD policies

  • 6 monthly IT security survey for existing staff to assess awareness and identify improvements

  • Monthly company-wide security session, to discuss any issues that may have arisen, clarify policies (such as data classification), identify improvements and new risks

  • Channels in company communication tool with security news

  • Our secure software development lifecycle and specifically the scoping and review process

  • Monthly security review session for key stakeholders where we actively review security access lists, audit logs and risk register

  • Culture of continuous improvement across all areas of the business

PreviousInformation Security FrameworkNextIncident Response Policy

Last updated 5 years ago

Was this helpful?