Integrated Management System Policy Statement

Moniepoint MFB. is committed to maintaining and improving information security and business continuity processes by adopting an integrated management system. This provides a framework for integration of the ISO 27001:2022, ISO 20000:2018 and ISO 22301:2019 standards. ve of the type of personal data that we collect, our method of collection of personal data, use of personal data and procedures for sharing personal data with third parties.

The company defines our core values for Integrated Management System as follows:

• To ensure uninterrupted availability of all key business resources required to support essential (or critical) business activities.
• To reduce the number of information security, Quality, Service management and business continuity high priority risks on Moniepoint MFB.'s risk register.
• To ensure that all persons employed by us are competent to carry out the specific work tasks by providing all necessary information, instruction, training and supervision.
• To provide for an orderly and expedited recovery/continuity of critical business processes after a disruptive incident.
• To reduce or avoid information security breaches and related loss.
• To Ensure Compliance with Moniepoint MFB. Contractual, Regulatory, and Legal requirements and reduce information security related regulatory sanctions/penalties.
• To ensure Information collected, held, and used by the organization is appropriately protected and available in line with business requirements.
• To improve information security culture and consciousness in the organization.
• To provide training in information security, Service, Quality and Business continuity for key resources
• Create awareness to all staff on the needs and responsibilities of Service, Quality, Information Security & Business Continuity Management System
• To ensure that the Confidentiality, Integrity and Availability of information is maintained throughout business functions and processes
• To ensure information is only accessible to authorized persons from within or outside the company and minimize damage by preventing and reducing the impact of security incidents
• To optimize our business processes to always strive for zero defect and no waste attitude
• To ensure customer satisfaction
• To ensure that all employees are made aware of their individual obligations in respect of Service Delivery.
• To ensure continual improvement of our Service, Quality, Information Security & Business Continuity Management. System.

The Integrated Management System policy, objectives and targets will be reviewed annually (or sooner if necessary) by Top Management. This policy statement is communicated to all employees and persons working for or on behalf of the company and will be made available to the public, stakeholders, and any other interested parties on request.