ZECHL STATEMENT OF SECURITY
STATEMENT OF SECURITY
The Zambia Electronic Clearing House Limited (ZECHL), a company registered under the Company’s Act of 1994 uses information and technology to further its achievement of organizational goals in an ethical, responsible, and professional manner in accordance with provisions of Zambian local legislation including the Electronic Communications and Transactions Act of 2021, Cybersecurity and Cyber Crimes Act of 2021, Data Protection Act of 2021, Banking and Financial Services Act of 2017 and National Payments Act of 2007, among others.
The Zambia Electronic Clearing House Limited being of processor of payment card information of major international payment card brands including VISA, MasterCard, JCB and UnionPay upholds and is compliant with the Payment Card Industry Data Security Standard (PCI DSS). The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually or quarterly, either by an external Qualified Security Assessor(QSA) or by a firm specific Internal Security Assessor (ISA) that creates a Report on Compliance for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.
The Zambia Electronic Clearing House Limited employs proven industry best practices to manage risks that threaten the confidentiality, integrity, and availability of information resources. The organization is guided by policy aligned to major standards and frameworks including COBIT, ISO 27001 and NIST Cybersecurity; ZECHL has further invested in control measures spanning over people, processes, and technologies to ensure a holistic and comprehensive approach to the protection of information resources.
The Zambia Electronic Clearing House Limited partners and collaborates with industry players both local and international to ensure the continued development of the organization’s capability to safeguard information and related resources.
1. Statement Of Information Assurance
The Zambia Electronic Clearing House Limited employs proven industry best practices to manage risks that threaten the confidentiality, integrity, and availability of information resources. Statement Of Information
Zambia Electronic Clearing House Limited has implemented its Information Security
Management System in compliance with ISO/IEC 27001 to enhance security of its critical
3. PCIDSS Certificate Of Completion
This is to certify that Zambia Electronic Clearing House Limited has successfully completed an assessment by
SecureTrust against the Payment Card Industry Data
Security Standard v3.2.1 (PCI DSS). ZECHL Certificate of Assessment Completion-signed