The Information Security Standards for the Capital Market (ISSCM) is a standard in Israel that provides guidelines for organizations in the capital market to manage and protect against cyber threats. This standard is intended to help organizations in the capital market to protect sensitive information and comply with relevant regulations and laws.
The ISSCM includes guidelines and best practices for:
- Risk management
- Incident management
- Business continuity management
- Compliance with legal and regulatory requirements
The standard covers a wide range of information security-related topics, including:
- Network security
- Cloud security
- Mobile device security
- Identity and access management
- Data protection
- Compliance with regulations such as MiFID II, Dodd-Frank Act and more.
The ISSCM is based on international standards such as ISO/IEC 27001 and is designed to help organizations establish, implement, maintain, and continually improve their information security management systems (ISMS). Organizations in the capital market are expected to comply with the standard and to demonstrate compliance through regular assessments by a qualified auditor.
The ISSCM standard is mandatory for organizations operating in the capital market. Compliance with the standard can also help organizations to protect their reputation, demonstrate their commitment to information security and provide assurance to their customers and other stakeholders.