The Board and Management of VGN which operates in the Financial sector, is committed to preserving the availability of all its critical business processes throughout the organization, in order to preserve its assets, legal, and regulatory as well as contractual, compliance and image. The Business Continuity Management Systems (ISO 22301) requirements will continue to be aligned with organizational goals and are also intended to be an enabling mechanism for information sharing, electronic operations, and reducing Business Continuity & Technology-related risks to acceptable levels.

VGN Nigeria limited is committed to providing quality services to our customers, both internal and external by aligning Information Technology investments with organizational goals.

VGN has aligned its processes and operations to the ISO 22301 standards, to ensure business continuity, protection of its information business asset and maximization of benefit/returns on IT investments.

It is, therefore, VGN policy to ensure:

•  VGN current strategy and Business Continuity Management Systems (BCMS) provides the context for identifying, assessing, evaluating, and controlling Business Continuity/process-related risks through establishment and maintenance of the BCMS. The risk assessment and risk treatment plan capture how identified risks are controlled in alignment with VG risk management strategy.

• In particular, business continuity and contingency plans, data backup procedures, access control to systems and information security incident reporting are fundamental to this policy. All employees of VGN shall have the responsibility of reporting incidents

• All employees of VGN and external parties identified in the Management Systems are expected to comply with this policy. All staff and certain external parties will receive or be required to provide evidence of receiving appropriate training.

• The BCMS shall be subject to continuous and systematic review with improvements adopted, where necessary.

• Management is committed to the continual improvement of the BCMS in the Organizations.

•  Breach of the policy or security mechanism may warrant disciplinary measures, up to and including termination of employment/contract as well as legal action in line with the Cybercrime Prohibition Act 2015.