Menu

Bank of Ghana gets ISO 27001 Certification

Tue, 24 Mar 2009 Source: GNA

Accra, March 24, GNA - The Bank of Ghana (BoG) has secured the ISO/IEC 27001:2005 Certification, which is the world's highest accreditation for information protection and security, a statement from the Bank said on Tuesday. By this certification, the Bank of Ghana has distinguished itself as the first central bank in Africa and joins a small group of central banks including Federal Reserve Bank of New York, Reserve Bank of India, Bank of Indonesia and Bank of Taiwan that have attained this prestigious status.

The independent assessment was carried out by UK-based Lloyds Register

Quality Assurance (LRQA), one of the few companies in the world to perform ISO

27001 audits. ISO 27001 is the only auditable international standard which defines the

requirements to ensure that sufficient security controls are instituted within the certified

organization. Additionally, maintaining the ISO 27001 Certification required an annual review

and three-year re-certification in the continual scrutiny of Bank of Ghana's information

security management system in a manner that aimed to provide confidence to clients

and the public as a whole that the Bank's data was protected on an ongoing basis, the

statement explained. The IMF and World Bank are among other financial institutions that have such a

certification by the International Standards Organization. The statement said the ISO 27001 certification demonstrated that the BoG had

addressed, implemented and controlled the security of the Bank's information, and

that BoG's management information and systems were secure to ensure the integrity

of data sent out as well as data received, significantly limiting security and privacy

breaches. It also establishes that relevant laws and regulations are being met, especially in

line with the BoG's mandate of ensuring an effective banking system in the country,

and that a commitment to information security exists at all levels throughout the bank. Other benefits include, increase in overall organisational efficiency and operational

performance and minimisation of internal and external risks to business continuity. Managed information security services for the certification project were provided

by UK-based AKK Risk Management Consulting Ltd involved in the provision of

such services to private as well as government institutions.

Source: GNA