Jet Infosystems assessed the compliance of Tinkoff Insurance with the requirements of the information security of the Central Bank of the Russian Federation

2023: Finalization of Financial Institution Information Protection Compliance Audit

The specialists of the company "" Jet Infosystems completed a comprehensive assessment of the compliance of JSC Tinkoff Insurance"" with the requirements of GOST for information protection financial organizations. As a result of the audit, the company confirmed the fulfillment of the requirements for the protection of information CENTRAL BANK OF THE RUSSIAN FEDERATION at a high level. This "" was Jet Infosystems reported on November 24, 2023.

Periodic assessment of compliance with the requirements of GOST R 57580.1-2017 on the protection information financial of organizations is the responsibility of organizations. financial sector The Jet Infosystems team analyzed business processes the company, determined the scope of regulatory requirements, and collected and analyzed documentation and information on information security processes and implemented protection measures. During the project, the specialists of Jet Infosystems provided Tinkoff JSC Insurance with consulting support in terms of choosing and implementing protection measures provided for by the requirements of the standard.

Given the constant threat of cyberattacks from attackers and new information security challenges, companies must be especially vigilant and maintain a high level of protection against threats. Compliance audits allow you to confirm the correctness of the processes and identify the degree of their compliance with modern standards. Therefore, we not only make every effort to ensure the safety of our customers, but also constantly improve information security processes in order to anticipate the high requirements of regulators and prevent possible negative events, - explained Sergey Pavlov, Deputy General Director for Information Security of Tinkoff Insurance JSC.

The work carried out made it possible to confirm the current level of maturity of the company's information security management processes, as well as to form a list of measures aimed at improving the information security system in the context of continuously developing technologies and changes dictated by external and internal factors.

Earlier, our team did not conduct compliance audits of Tinkoff Insurance JSC, so the project was especially interesting for us. The company showed a high level of maturity of IT and information security processes and the implementation of protection measures. Few players in the insurance provision market can demonstrate a similar level. In the course of our work, we saw the maximum involvement and focus on the result on the part of the Tinkoff Insurance team, which made it possible to ensure a transparent audit process on time. As a result, we have developed a list of recommendations that will further strengthen the information security processes existing within the company, - said Sergey Kanivets, head of the compliance audit group of the Central Bank of the Russian Federation of the Consulting Department of the Information Security Center "Jet Infosystems."