Effective Security Management
Tarabut’s Information Security Management System (ISMS) ensures a structured approach to managing information security, and is fully aligned with ISO/IEC 27001:2022 and regulatory standards from CBB and SAMA. Our ISMS addresses business risks and establishes tailored security controls. We are committed to maintaining best practices through regular audits, and every employee plays a key role in adhering to these standards. Tarabut’s Information Security Team oversees implementation and continuous improvement across all operations.
Our Commitment to Information Security
At Tarabut, we take a process-driven approach to safeguarding information through our Information Security Management System (ISMS). This includes:
Aligned Security Objectives
Ongoing Improvement
Measures we take
Through the implementation of robust policies and procedures, we manage information systems and assets securely, meeting legal, regulatory, and contractual obligations. Below are the key components of our ISMS that ensure the highest levels of data protection and security.
Encryption
Transmission Security
Vulnerability Management
Penetration Testing
Information Security Pack
Tarabut is dedicated to maintaining top-tier information security, offering transparency through our Information Security Pack (InfoSec Pack). This resource provides insights into our measures, controls, and safeguards, helping partners conduct their due diligence.
Request the InfoSec Pack
For more information, or to request our InfoSec Pack, please contact infosecpackrequest@tarabut.com. An NDA may be required for access.
Key Security Measures
Comprehensive ISMS
Key Security Measures
- ISMS
- Monitoring
- Training
- Testing
- Protection
- Certifications
Comprehensive ISMS
Our Information Security Management System (ISMS) ensures the confidentiality, integrity, and availability of information assets, aligning with industry standards and regulatory requirements.
Advanced Monitoring
Continuous risk assessments, vulnerability management, and incident response planning keep our systems secure. We implement 24/7 monitoring of threats and vulnerabilities, integrated with automated ticketing systems.
Employee Training
Ongoing security awareness programs empower staff to identify and address potential threats.
Penetration Testing
Bi-annual assessments by third-party experts to identify potential vulnerabilities.
Data Protection
Compliance with UK GDPR, Bahrain’s PDPL, UAE’s PDPL, and Saudi Arabia’s PDPL ensures that all customer data is managed with care.
Certifications
ISO27001:2022 Certified: Annual audits to maintain high standards.