Swwipe Integrated Management System Policy Statement

Swwipe Financial Services Limited is dedicated to safeguarding the CONFIDENTIALITY, INTEGRITY, and AVAILABILITY of all information assets, aligning with legal and regulatory requirements. The Information Security Management System (ISMS), Business Continuity Management System (BCMS), and Service Management System (SMS) play a pivotal role, in enabling secure information processing, sharing, and storage. This commitment ensures compliance, meets contractual obligations, and upholds the organization's reputation. In tandem, Swwipe Financial Services Limited aligns Information Technology investments with organizational goals, adhering to ISO 27001, ISO 22301, ISO 20000 and PCI-DSS standards for business continuity, cyber resilience, protection of its information assets, and optimal returns on IT investments.

Policy Objectives:

• At Swwipe Financial Services Limited, we affirm our commitment to aligning information security and risk management frameworks with our current organizational strategy. The establishment and maintenance of the Information Security Management System (ISMS), Business Continuity Management System (BCMS) and Service Management System (SMS), play a crucial role in effectively managing information-related risks within the framework of our overall risk management strategy. This encompasses conducting Information Security risk assessments, developing a Statement of Applicability, and formulating risk treatment plans.
• Integral to this policy are business continuity and contingency plans, data backup procedures, access control measures, incident management protocols, disaster recovery, capacity and demand management system. All employees are entrusted with the responsibility of promptly reporting information security breaches and incidents.
• Every employee and external party identified in the Management Systems must comply with this policy. Comprehensive training in line with this policy is mandatory, with documentation of staff and relevant external parties providing or undergoing training.
• Breach repercussions encompass disciplinary measures, including potential termination of employment/contract. In cases of policy or security mechanism breaches, legal action will be pursued according to the Cybercrime Prohibition Act 2015

Our Compliance Certifications

We proudly hold compliance certifications, adhering to industry standards to ensure the highest level of security and reliability. This reflects our ongoing commitment to excellence in safeguarding data.

Payment Card Industry certified PCI-DSS