ISMS

Information Security Management System

Introduction

Recital Finance is an automated financial operations platform designed to streamline and enhance the efficiency of finance teams, particularly those managing high-volume or complex financial processes. The platform offers a suite of tools aimed at centralizing financial data, automating reconciliation processes, and providing real-time insights into cash flow and liquidity management.

To ensure the preservation of the confidentiality, integrity and availability of our information assets at all times, the organization has implemented an Information Security Management System (ISMS). The ISMS is designed to safeguard the sensitive data entrusted to us, mitigate risks, and continuously improve our information security posture.

Scope

This policy applies to all Recital Finance employees, top management, vendors, and third-party service providers. It covers all information assets, including customer data, financial information, and all processes covered under the scope of the ISMS.

ISMS Objectives

  • Objective 1- Conduct bi-annual role-based security awareness training with 100% employee participation.
  • Objective 2 – Ensure 100% Compliance with Contractual, Regulatory, and Legal requirements and reduce information security-related regulatory sanctions/penalties.
  • Objective 3 – Ensure 100% compliance with internal policies and procedures.
  • Objective 4 – Ensure 100% resolution of critical and high vulnerabilities within systems and software within 30 days.
  • Objective 5- Ensure response to security incidents within 24 hours.

ISMS Policy

The Management of Recital recognizes the importance of developing and implementing an Information Security Management System (ISMS). It considers the security of information and related assets as fundamental for successful business operations. This will be demonstrated by:

  • The provision of appropriate resources to establish and develop the ISMS.
  • The confidentiality of information is protected and prevents unauthorized access and disclosure of sensitive information.
  • The integrity of information is maintained to ensure its accuracy and completeness.
  • The availability of information is maintained to meet business needs and to allow our clients access essential services without disruption.
  • Business continuity plans are developed, maintained, and tested.
  • Information security awareness is shared with all employees.
  • An incident management process is established and implemented to ensure that all breaches of information security, actual or suspected are reported and investigated.
  • Information security risks are accessed, managed and mitigated to protect the organization and clients from evolving threats.
  • All legal, regulatory and contractual requirements related to [Organization Name] are met.
  • The information security management system is continually improved.
  • All stakeholders are responsible for the implementation of respective security policies and procedures within their area of operation and oversee adherence by their team members.

This policy is reviewed at least annually or following significant changes or incidents. Employees, suppliers, or other stakeholders who observe any deviations from the guidelines of this Policy may report the fact to the ISMS Manager via - email at add email and may identify themselves or not.

Ready to transform your payment operations?

Zero Engineering Cost - No Compliance Headaches - Automatic Reconciliation
Get Your Pre-Built Payment System

Book a demo