Companies

Heritage Bank attains ISO 27001 Information Security Management Certification

by Editor

March 22, 2018 | 12:34 am
  |     |     |   Start Conversation

Heritage Bank Plc, one of Nigeria’s banking service provider, has achieved the Information Security Management Certification from International Standards Organisation (ISO).

  This certification also known as the ISO 27001: 2013 is part of the ISO 27000 family of standards which helps organisations keep information assets secure. The certification was achieved on the heels of the bank’s drive to revolutionalise the banking sector digital experience with Octopus, by putting in place a systematic approach to managing sensitive organisational information, ensuring it remains seamless, secure and available.

The Octopus platform owes numerous benefits to the users, thereby enable small businesses key into electronic payment system easily, efficient collections, social integration, retention strategy, bills payment, mobile virtual top-up, funds transfer, balance enquiry, movie show time, and news.

With the introduction of Octopus, the ISO 27001: 2013 Information Security Management Certification is proof of the bank’s demonstrated ability to consistently provide products and services that gives service consumers and customers an easily recognisable security hallmark.

  Speaking on the award received, Ifie Sekibo, MD/CEO of Heritage Bank Plc, reiterated the bank’s commitment for secured services, whilst assuring customers that their information is appropriately protected and, as such, reduces the need to undertake time consuming and costly onsite security audits reducing time and cost for both parties.

According to him, the certification demonstrates credibility and trust, which reduces customer and supply chain audit and ISO 27001 certification reduces third party scrutiny of your Information Security Management by customers and the wider supply chain.

“The achievement of ISO 27001 will differentiate two competing organisations in the market place, providing a valuable competitive advantage. Increased legislative and regulatory compliance, ISO 27001 supports compliance with relevant laws such as the Data Protection Act 1998 and software copyright legislation. This in turn reduces the risk of facing prosecution and fines. An organisation’s liability in security incidents may be reduced if it is certified ISO 27001 compliant,” said Sekibo.

As ISO 27001 is the current international benchmark for Information Security Management, it is increasingly recognised that compliance with the standard is supportive evidence of adequate security.

Considerations and outcomes to achieve ISO 27001 certification, an organisation must produce documentation that demonstrates that it has developed an Information Security Management System that complies with the standard. Organisations should consider producing most of this documentation even if they are not going for certification as it provides a best practice approach for compliance as well.

There are three key issues to note about the standard: Its generic requirements mean that it is applicable to all organisations, regardless of size, type or nature. However, you tailor it to the exact needs of your organisation through the information security controls that you select to implement within your Information Security Management System. It takes a flexible, risk-driven approach. It is dynamic and focuses on continual improvement and helps the organisation keep ahead of changes both within and outside the organisation.


by Editor

March 22, 2018 | 12:34 am
  |     |     |   Start Conversation

Big Read |  

Analysis

What Nigeria must do before signing AfCFTA

Nigeria’s President Muhammadu Buhari last Wednesday gave a hint that he would sign the African Continental Free Trade Area (AfCFTA)...


Top 100 (300 x250)

MTN banner 2

WSE

Newsletter CompanyReport