Information Security Forum (ISF):

A senior level multi-disciplinary forum and committee chartered to discuss, decide, direct and disseminate information security issues throughout the organization, Information Security Forum (ISF) is formed which is functioning as the governing body of ISMS under the supervision of CEO

Consists of CEO, CA, ISO, and all HODs

Formation of ISF is duly authorized by the CEO

ISF meets once after every three months

Urgent meeting can also be called in case of any serious security breach or other related matter

Comprehensive report named Report for ISF is made by the ISO and is duly discussed

Proceedings of the meeting are recorded in the form of minutes of the meeting for future reference and record purposes

Internal Audit:

Regular internal ISMS audits are planned and conducted to verify whether information security activities and related results comply with planned arrangements and to determine the effectiveness of the ISMS system

Non conformities to the system are controlled through CARs

System of measuring effectiveness:

In order to define and implement formal method and mechanism for measuring effectiveness of security controls to ensure security requirements are met, a system for measuring effectiveness exists at KKI

Based on controls measurement, decisions, actions and follow-ups are done for ISMS maintenance and further improvement

Management Review of ISMS:

Such review is being done on a continuous basis through ISF meetings, preparation of organization measurement sheets by the ISO on a monthly basis, internal audits, corrective and preventive actions, review of documents prepared by the departments, feedback from the interested parties and continuous monitoring of the system through ISF and ISMS Task Force.