Lagos — Oando PLC on Tuesday, January 21, 2020 became the first African oil and gas company to receive the prestigious ISO 27001 Certification from Certification Partner Global FZ LLC.
ISO 27001 is the international standard outlining best practices for information security management systems.
Speaking at the certificate presentation ceremony, the Group Chief Corporate Services and Operations Officer, Oando, Mr. Zubairu Muntari said; “This is a significant achievement for Oando. By implementing and following the necessary steps to comply with this standard, we can identify, control, and eliminate security risks, ultimately validating the security practices adopted within the organization. The certification also means that we are able to provide our stakeholders with a higher degree of confidence in the quality and stability of data security and further validating our commitment to the highest standards of information security”.
The Head of IT, Oando Group, Mr. Idris Musa, who directed the project attributed the success to the commitment by management towards managing business compliance and operational risks associated with the use of information systems and digital assets.
He said: “The investment in ISO 27001 enterprise security framework have allowed us structure and implement modern security controls in a complete and cohesive manner thereby strengthening our data and information system governance.”
Commenting on the certification, the Chief Operating Officer, Digital Encode Limited, Dr. Obadare Peter said; “Essentially, the certification aims to establish and put in place good information security practices across the Oando Group. The certification is proof that the Company’s systems and processes have been audited against international best practice, positioning Oando as operating to global standards.”
About ISO 27001 ISO 27001 certification is one of the most widely recognised and internationally accepted information security standards. ISO 27001 certification is the global standard for information security management system, part of the ISO/IEC 27000 family of standards published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee. The certification specifies a management system that is intended to bring information security under management control and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following the successful completion of an audit.