Corporate Governance - Customer Protection
Overseeing the Culture and Digital Transformation that have been carried out since 2021, BRI further strengthens the role of Governance as the basis for developing and implementing the company’s business through increasing employee awareness, improving systems, and updating policies. Enhanced implementation of BRI’s Good Corporate Governance has received recognition from various parties so that BRI is ranked as the Most Trusted Company in Corporate Governance Perception Index from The Indonesian Institute for Corporate Governance.
BRI already has a work unit under the Director of Digital Information Technology & Operations that specifically deals with information security. The information security work unit is responsible for:
- Design of Security Architecture,
- Operational Security,
- Cyber Risk and Cyber Intelligence,
- Data Loss & Fraud Prevention,
- Identity & Access Management,
- Program of Management, Investigation & Forensics, and
- Security Governance.
The information security work unit is led by a Chief Information Security Officer (CISO). CISO must be experienced in security and holds several certifications, such as CISA (Certified Information System Auditor) and CISSP (Certified Information Systems Security Professional). BRI has designed an Enterprise Security Architecture based on the NIST Cyber Security framework used as a reference in developing cyber security in BRI.
BRI has established the BRI CSIRT Cybersecurity Incident Response Framework, which is regulated in Circular Letter Number SE.38-DIR/ISC/06 of 2021 on Cybersecurity Incident Management. In the event of suspicious activities, employees are instructed to follow the escalation process as follows:
