Infomation Security Policy
INFORMATION SECURITY POLICY STATEMENT
Revfin Services Private Limited (Revfin) is a commercial EV financing company. We are dedicated to making loan access convenient and accessible for our customers.
The objective of this Information Security Policy Statement is to ensure that Revfin Services Private Limited (Revfin) delivers a consistently high level of information security throughout the company. Revfin is committed to implementing and maintaining compliance with ISO 27001, and to continuous, practical improvement of our information security practices. This will help maintain our reputation in the industry and meet our legal/regulatory and customers’ requirements.
Revfin commits to:
- Clearly understanding the requirements and expectations of our customers and relevant regulatory authorities.
- Working closely with our customers and suppliers to deliver services in a security conscious fashion.
- Ensuring every employee shares responsibility for effective information security.
- Protecting its people, information, intellectual property, assets, activities and facilities against misuse, loss, damage, disruption, interference, espionage, or unauthorised disclosure. It is also critical that we retain the confidence of those who entrust sensitive information to Revfin.
- Developing and maintaining security policies and controls designed to meet the requirements of ISO 27001. The policy statements contained in our Information Security Policy (ISP), procedures, guidelines, and standards, reflect the minimum requirements necessary to maintain an acceptable standard for protecting our information assets and, at the same time, our reputation.
- The “Maker-Checker” principle for reducing the risk of error and misuse and to ensure reliability of data / information to the customers.
- Periodic testing of the capability of applications to failover to alternate data centers as part of the periodic Data Backup and BCP testing program.
- Duly Board approved BCP Plan for reviewing and ensuring regular oversight by the Board every year.
- Ensure consistency and adequacy in filling regulatory returns to RBI (COSMOS Returns).
- Maintaining System generated reports for the Top Management summarizing financial position of the organization, including operating and non-operating revenues and expenses, cost of funds, etc.
- Implement an Information Security Management System (ISMS) and ensure it is maintained, continually improved, and supported with adequate resources to achieve the objectives set in this Policy Statement.
Our approach to achieving these objectives is to enhance information security through investment in technology, processes, and employee skills. This will improve the way we both manage our business and deliver services to our customers.
This policy statement shall be easily accessible to all Revfin staff. It is also available for public viewing on our website https://revfin.in/. Each member of staff is asked to take particular care in their approach to security and to accept the important role they play in maintaining an effective information security program throughout Revfin.
Effective: 23rd day of December 2021
Sameer Aggarwal
Founder & Chief Executive Officer, Revfin
