Money Care

Enterprises Information Security

Policy (EISP)
CCS113 - Information Assurance Security
Group 4
Escopete, Joana Mae B.
Esguerra, Dave V.
Evangelista, Renzo F.
Ferreras, Vince Austin R.
Figueroa, Coleen Chloie C.
Money Care

Money Care is a micropayment service that turns a smartphone

into a virtual wallet for safe, quick, and practical money transfers. With
Money Care, you may shop online, pay bills, mail money, make
donations, buy prepaid credit, and even buy things without having to
use cash.
 Privacy and Access to
Personal Information Policy
Statement of Purpose

Establish a policy on the privacy of personal information and the

conditions under which it may be accessed and/or released without the
user's consent.
Information Security Elements

Personal information is provided (as appropriate) in accordance with this Privacy Policy and with the user’s consent in
a separate, formal statement:

● To entities and under conditions mandated by law;

● With relation to outside service providers or third-party service providers;

● To other organizations to which the data must be sent in order to achieve the processing goals.

The information should be preserved and stored in accordance with the purpose for which it was processed if it is
essential to keep the data for a specific amount of time due to legal requirements. In an independent formal declaration
that is signed by the user and is specific to the processing goal, the duration of retention for personal data is stated.
Need for Information Security

Information entrusted to us is safeguarded in process and storage by the

information security policy, which also safeguards its confidentiality, integrity, and
availability. The danger of security breaches, loss of data assets, unauthorized access
to information, damage and system disruptions, and other associated security
concerns are reduced by effective adherence to the enforced information security
rules and by providing the necessary training and education. It is essential for
establishing credibility and trust as well.
Information Security Responsibilities and Roles

Department of IT Units and IT Resources Owners - Implement and oversee adherence to this standard, as
well as any pertinent policies, standards, and best practices, for IT resources in their charge. To safeguard IT
resources, if necessary, establish additional policies, processes, or other requirements that go beyond this
standard.

IT Security and Policy Identity and Access Management - Provide departments and academic units with
identity, authentication, and authorization services.

Data Users - Those who access personal data to carry out their given tasks. Data Users are accountable for
maintaining the security of their access rights, using personal data they have access to in accordance with the
risk level assigned to it, and adhering to IT standards.
Reference
Republic Act 10173 - Data Privacy Act of 2012
https://www.privacy.gov.ph/data-privacy-act/
Data Protection and Privacy Laws
https://id4d.worldbank.org/guide/data-protection-and-privacy-laws
Privacy Design Guidelines for Mobile Application Development
https://www.gsma.com/publicpolicy/wp-content/uploads/2018/02/GSMA-Privacy-Desig
n-Guidelines-for-Mobile-Application-Development.pdf