Information Security Policy


Having been approved by top-level management, this information security policy outlines the overall security requirements and secure use of the information technology services for Mosaic FSI.

This document will be reviewed and updated by management on an annual basis or when relevant to include newly developed security standards into the policy and distribute it to all employees and contracts as applicable.

This policy applies to all systems, people and processes that constitute the organisation’s information system, including board members, directors, employees, suppliers and other third parties who have access to Mosaic FSI systems.

Applicable Legislation/ Regulations

The following is a list of the various agencies/organisations whose laws, mandates, and regulations were incorporated into this document’s various policy statements.

  • NZ Privacy Commissioner
  • Privacy Act 2020
  • Financial Markets Authority
  • Government Communications Security Bureau

Download the complete information security policy here Information Security Policy