Principles of Information and Management Part 5

June 21, 2017

283. The Board must ensure that an information security management system (ISMS) is developed, implemented and recorded in an appropriate and applicable information security framework.

284. The Board should supervise the information security strategy and delegate and empower management to implement it.

285. The ISMS should include the following high level information security principles –
(a) confidentiality of information;
(b) integrity of information;
(c) availability of information systems in a timely manner; and
(d) retention of information.

286. The Board should provide leadership and direction to ensure that the company’s Information Communication Technology, ICT, achieves, sustains and enhances the company’s strategic objectives.

287. The Board should take necessary steps to ensure that there are processes in place for the complete, timely, relevant, accurate, integrated and accessible ICT reporting by management to the Board and by the Board to the shareholders.

288. The Board must establish a robust process for identifying and exploiting opportunities to improve the performance and sustainability of the company through effective and efficient ICT use.

289. The Board should ensure that ICT frameworks, policies, processes, procedures and standards are implemented with a view to minimizing ICT risks, delivering value, ensuring business continuity and assisting the company in managing its ICT resources efficiently and cost effectively.

According to the NATIONAL CODE ON CORPORATE GOVERNANCE ZIMBABWE

Principles of Information and Management Part 5

Categories

Archives

Address

News & Articles

LOBOLA REQUIREMENT AND ITS LEGALITY~ A BRIEF DISSCUSSION

INSURANCE LAW IN ZIMBABWE - COMPULSORY THIRD PARTY INSURANCE

ZIMBABWEAN COURTS CATCHING UP WITH TECHNOLOGY- A Brief Discussion

STATUTORY INSTRUMENT 89 OF 2021- A CLOSE ANALYSIS ON THE BAN OF SECOND HAND VEHICLES