Banks to acquire ISO certificates before December 2015 – CBN

The Central Bank of Nigeria (CBN) is set to mandate all Deposit Money Banks (DMBs) in the country to undergo a security certification audit before the end of 2015.

The apex bank maintained that this would aid the protection of customers' assets as well as ensure a greater information security awareness in the financial sector.

The Director, Information Technology Department, CBN, Mr. John Ayoh, confirmed this on the sidelines of the presentation of the ISO 27001 - 2005 certificate for information security to the bank in Abuja on Wednesday night.

Ayoh said, 'Our certification will go through a six-month review internally; but as I said, by the end of 2015, the commercial banks are required to have also acquired the certification.

'We are going to set up a review committee within the Bankers' Committee and the consultants that will go around the banks and check for compliance with that standard on a periodic basis.'

With the ISO certification, the CBN has now joined the league of international financial institutions such as the World Bank and the International Monetary Fund, which have gone through the certification audit conducted by the British Standards Institute

Shedding more light on the development, the Deputy Governor, Economic Policy, CBN, Mrs. Sarah Alade, said the bank was, in conjunction with the Bankers' Committee, committed to the implementation of the selected standards as an integral part of the financial services industry's infrastructure transformation programme.

The aim of the programme, according to her, is to significantly enhance operational efficiency and cost effectiveness of Nigerian banks through shared services.

Alade said an integral part of the overall objective was industry compliance with an acclaimed standard of managing critical information.

This, she said, would help to engender the needed confidence of stakeholders in the country's financial services industry.

The move, she explained, led to the selection of the highest standard for information security management, the ISO 27001 - 2005, for information security framework as part of the IITC.

The CBN deputy governor said, 'I am pleased to be part of the celebration of this remarkable achievement by the Central Bank of Nigeria.

'For the CBN, aside from taking the lead in practices consistent with its status as the apex regulator of the financial system and facilitator of the IITC, a major driving force in establishing an information security management system was the need to have formalised processes to protect the organisation's key information assets as some of them are information of national relevance.'