Information security policies play a crucial role in strengthening the security and well-being of information resources, serving as the foundation of information security within an organization. According to a survey, 66% of bank executives agreed that data granularity is sufficient for appropriate authorized access. Access to the network and servers is controlled by unique logins requiring authentication methods such as passwords, smartcards, and biometrics, which 92% of executives supported. Additionally, 74% of executives confirmed that monitoring is implemented across all systems, including logging attempts and failures, successful logins, and the date and time of logins and logoffs. Furthermore, 90% of executives agreed that internet connections travel through secure points to protect the network, and 86% confirmed the installation of approved, licensed antivirus software with regular updates. While these statistics suggest that banks have adopted strong security measures in terms of software and hardware, a closer examination of the survey data reveals that specific areas still require additional focus.