ndewo black logo

Security Notice

Your privacy is important to us. This page outlines how Ndewo collects, uses, and protects your personal information.

secure lock image
Privacy PolicyT&CISMS Policy

Information Security Management System Policy

Introduction

To ensure the preservation of the confidentiality, integrity and availability of our information assets at all times, the organization has implemented an Information Security Management System(ISMS). The ISMS is designed to safeguard the sensitive data entrusted to us, mitigate risks, and continuously improve our information security posture.

Scope

This policy applies to all Ndewo Finance Ltd employees, top management, vendors, and third-party service providers. It covers all information assets, including customer data, financial information, and all processes covered under the scope of the ISMS.

ISMS Policy
The Management of Ndewo Finance Ltd recognizes the importance of developing and implementing an Information Security Management System (ISMS). It considers the security of information and related assets as fundamental for successful business operations. This will be demonstrated by:
  • The provision of appropriate resources to establish and develop the ISMS.
  • The confidentiality of information is protected and prevents unauthorized access and disclosure of sensitive information
  • The integrity of information is maintained to ensure its accuracy and completeness
  • The availability of information is maintained to meet business needs and to allow our clients access essential services without disruption.
  • Business continuity plans are developed, maintained, and tested
  • Information security awareness is shared with all employees
  • An incident management process is established and implemented to ensure that all breaches of information security, actual or suspected are reported and investigated
  • Information security risks are accessed, managed and mitigated to protect the organization and clients from evolving threats
  • All legal, regulatory and contractual requirements related to Ndewo Finance Ltd are met.
  • The information security management system is continually improved
  • All stakeholders are responsible for the implementation of respective security policies and procedures within their area of operation and oversee adherence by their team members

This policy is reviewed at least annually or following significant changes or incidents. Employees, suppliers, or other stakeholders who observe any deviations from the guidelines of this Policy, may report the fact to the ISMS Manager via - email at ismsteam@ndewo.com and may identify themselves or not.