Management’s Commitment to ISMS

MANAGEMENT’S COMMITMENT TO INFORMATION SECURITY MANAGEMENT SYSTEM

PT Jalin Pembayaran Nusantara (“Jalin”) is committed to establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS) in accordance with the following risk management standards and principles:
1. Setting as well as meeting targets and objectives as performance indicators for ISMS implementation;
2. Implementing an information security risk assessment and conducting regular evaluations;
3. Disseminating ISMS policies and procedures to all parties in the organization;
4. Providing adequate resources to implement ISMS effectively;
5. Providing awareness of information security on a regular basis;
6. Providing continuous improvement to the performance of ISMS;
7. Following all applicable rules and regulations related to information security in the territory of the Republic of Indonesia;
8. Accommodating the needs and expectations of stakeholders;
9. Establishing an information security policy that is aligned with the company’s vision & mission covering aspects of people, process, and technology;
10. Ensuring that information security requirements are integrated into the company’s day-to-day processes;
11. Disseminating the importance of information security and compliance with applicable information security regulatory requirements (both external and internal) to all employees;
12. Conducting management reviews to discuss the implementation and effectiveness of information security systems through periodic reviews and audits;
13. Providing sufficient resources to implement a security management system, including appropriate human resources, infrastructure, and work environment;
14. Providing continuous direction and support to all employees to achieve effective information security management;
15. Carrying out continuous improvement of information security management according to changes in business, technology, regulations, or the results of reviews and audits;
16. Supporting the establishment of the organizational structure, roles & responsibilities of senior and middle-level information security management as stated in the information security policies & procedures and job descriptions.