39B6201
Information Technology Policy

Board of Directors and Senior Management of CBA Group are committed to preserving the confidentiality, integrity and availability of all the physical and electronic information assets throughout the Group, in order to ensure the achievement of CBA’s information technology, security and business objectives.

The Board has developed policies that provide guidelines for the appropriate use of the Group’s information technology resources and sets out the common policies and internationally accepted standards and best practices which provide a basis for the delivery of effective information and communication technology solutions. In addition, the Group also has in place an information and cyber security policy whose goal is to protect information and information assets related to the delivery of CBA services, against internal, external, deliberate or accidental threats.

The Board is also cognizant that cyber threats pose a significant risk for the Group in the delivery of best-in-class services to its customers as such the Board receives regular updates on the management of this critical and emerging risk through the Board Risk Management Committee (BRMC).