The Board and Management of Union Bank of Nigeria, with Head Office at No 36 Marina, Lagos Island, Lagos is committed to ensuring the security, resilience, continuity, and service delivery of the business for the benefit of its customers, shareholders, and other stakeholders.
To provide such a level of operation, Union Bank of Nigeria has implemented an Integrated Management System (IMS), consisting of the Information Security Management System, Business Continuity Management System, and Service Management System, in compliance with ISO/IEC 27001:2022, ISO/IEC 22301:2019, and ISO/IEC 20000:2018 respectively.
The top management of the Bank demonstrates its commitment to the integrated management system by establishing relevant objectives and policies and providing the needed resources to maintain and continuously improve information security, business continuity, and service management in the Bank. The Bank ensures compliance with all applicable regulations, standards, and contractual requirements.
It is therefore our policy to ensure that:
Union Bank’s current Strategy and Integrated Management System provides the context for identifying, assessing, evaluating, and controlling information-related risks through establishment and maintenance of the ISMS, BCMS and SMS. The Information Security risk assessment, Statement of Applicability and risk treatment plan identify how information – related risks are controlled in alignment with Union Bank’s risk management strategy.
Business continuity and contingency plans, data backup procedures, access control to systems, incident management and reporting are fundamental to this policy. All employees of Union Bank shall have the responsibility of reporting information security breaches and other incidents.
Ensure an uptime availability of services and other processing resources for the benefit of the customers, shareholders, and other stakeholders.
All employees of Union Bank and certain external parties identified in the ISMS are expected to comply with this policy. All staff and certain external parties will receive or be required to provide appropriate training.
The Chief Information Security Officer (CISO) is the owner of this document and is responsible for ensuring that this policy document is reviewed and reapproved by the Board at least annually and in the event of any significant changes and/or incidents.
A current version of this document is available to all members of staff on the Intranet. This policy is issued on a version-controlled basis under the signature of the Managing Director, Union Bank.
Breach of the policy or security mechanism may warrant disciplinary measures, up to and including termination of employment/contract as well as legal action in line with the Cybercrime Prohibition Act 2015.
