Information Security
Information Security


FCI is committed to implementing, maintaining and offering a fully secured ecosystem where all the confidential information is reviewed with appropriate security measures to protect the information from unauthorised use or accidental modification.

The mandatory requirements of this core policy are based on the three elements of information security:

Confidentiality: ensuring that information is only accessible to those authorised to access it

Integrity: safeguarding the accuracy and integrity of information and processing methods

Availability: ensuring that authorised users have access to information and associated assets when required

Business Continuity Plan by FCI

A business continuity plan (BCP) is basically a collection of resources, steps, strategies and information which is developed, examined and retained to deploy in case of any event of a disaster or major disintegration of normal operations.

Our comprehensive business continuity plan will assist you in maintaining all of your business related activities while limiting the disaster impact.

Our Certifications

ISO 9001

The International Standards Organization (ISO) 9001 certification is designed to assist organizations, of all types and sizes, to implement and operate an effective Quality Management System, where an organization needs to demonstrate its ability to provide products that fulfill customer and applicable regulatory requirements and aims to enhance customer satisfaction. FCI sites use ISO 9001 as the basis for continual improvement initiatives related to the quality of Products and Services.

ISO 27001

The International Standards Organization (ISO) 27001 certification is designed to assist organizations in establishing and maintaining an effective information management system including principles for governing the security of information and network systems. The implementation of this standard is intended to provide the foundation for continual improvement in the management of information systems at FCI sites and is harmonized with other management standards, such as ISO 9001 and ISO 14001.

SOC1 and SOC2

The AICPA Service Organization Control (SOC) 1 and 2 defines an organization’s adherence to the AICPA Trust Principles. SOC 1 is specifically intended for Internal Control over Financial Reporting and SOC 2 adheres to three AICPA Trust Principles: Data Security, Data Confidentiality, and Data Availability.

HIPAA (In-process)

FCI covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) to use the secure environment to process, maintain, and store protected health information.


The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council. PCI DSS applies to all entities that store, process, or transmit cardholder data (CHD) or sensitive authentication data (SAD), including merchants, processors, acquirers, issuers, and service providers. The PCI DSS is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. FCI is PCI DSS compliant.