ISMS Policy

"These days, it's inconceivable to live without access to information at any time and in any place, via countless types of device. However, we live in this cyber-space with present threats, with financial, strategic and even legal risks.

This policy is part of ZENITHE INSURANCE's information security program. It covers all aspects of security, including its information security requirements and its commitment to protecting its employees, suppliers, customers and information to achieve its business objectives. The main objectives of the Policy are as follows:

  • Preserve the confidentiality, integrity and availability of information;
  • To ensure that all users are aware of and comply with the relevant laws in force concerning confidentiality, integrity and the handling of information;
  • Maintain all data and other information at a level of security commensurate with its classification, in particular by complying with all legal and contractual requirements relating to information security.

Achieving these objectives implies taking into account the following strategic orientations:

  • Cyber risk assessment, testing and mitigation;
  • Security related to the use of cloud technologies, mobile devices and remote access;
  • Training and awareness-raising for information system users;
  • Compliance with legal, regulatory and contractual obligations regarding the protection of personal information;
  • Management of information security incidents in accordance with NIST and ISO 27001 standards;
  • Protection of assets against loss, damage, theft or compromise;
  • Network management and utilization, including backup management.

Compliance with the policy and related guidelines is mandatory and enforceable for ZENITHE INSURANCE employees, suppliers and partners. Failure to comply with the spirit of this policy may result in denial of access to the information system and disciplinary action.

General Management makes it a point of honour to enforce this policy, and undertakes to provide the resources required to implement it. It assigns the Quality Coordinator and the Information Security Management System Manager the task of coordinating all actions relating to the implementation and improvement of our information security management system."


by NDECHAM MAXWELL

Chief Executive Officer (CEO)


 

                                                                                           Douala, May 28, 2024.



Commitments

Need Help?