Information Security Policy

Policy Objective

To protect the confidentiality, integrity, and availability of information assets in compliance with laws and SEC IT requirements.

Scope

Applies to:

• Digital platforms

• Client databases

• Financial systems

• Communication channels

Information Classification

Information shall be classified as:

• Public

• Internal

• Restricted

• Classified

Access Control

Role-Based Access:

• Access to systems and data granted on a need-to-know basis.

Multi-Checklist Controls:

• Critical systems require two-factor authentication and biometrics.

Data Processing Measures

• Encryption protocols

• Multi-factor authentication

• Backup and disaster recovery

• Audit logs

• Regular vulnerability scanning

Incident Response

Security incidents shall be reported immediately to the Compliance and IT Security functions.

Subscribe to RC Brown Capital Insight

Our weekly newsletter with global insight
and intelligence.

Stay up to date