DFCC receives ISO 27001:2013 Certificate
DFCC Bank was awarded the ISO 27001:2013 certification in recognition of implementing the best practices in legal, physical and technical control for information security management. The certificate was awarded to Palitha Gamage, the Chief Risk Officer, DFCC Bank by Shan Nanayakkara, General Manager, Bureau Veritas Sri Lanka.
"This certification demonstrates our compliance with mandatory certification as laid down by the Central Bank. It helps us manage information security risks at an acceptable level and provide assurance to our customers and suppliers. The management of DFCC was committed to implement the ISO 27001:2013 security standard and engaged with PricewaterhouseCoopers (PwC) for the ISO implementation and with Bureau Veritas for the certification audit. We are very grateful for their support," said Arjun Fernando, CEO, DFCC Bank.
Commenting on this feat, Yudhishtran Kanagasabai, Director, PwC, said, "DFCC has taken a bold step in an era where the technology landscape continues to change and the diversity of the threat landscape continues to increase. This certification would move DFCC to the next level in being a cyber-resilient organisation ensuring its stakeholders about privacy of data and information."
The ISO 27001:2013 standard provides a robust model for information security risk assessment and security design, implementation, and management, with the adoption of appropriate security controls that protect the information of the company, customers and other stakeholders, said Shan Nanayakkara, General Manager, Bureau Veritas.