The Nation Newspaper

Tag: certification

  • Why CBN got ISO 20071 certification

    Why CBN got ISO 20071 certification

    The Central Bank of Nigeria (CBN) has been issued the ISO 20071 certification, meaning that Nigeria’s apex bank has developed near-fool proof mechanism to protect valuable information and documents for itself and its clients and assets involved that need protection, report Nduka Chiejina (Assistant Editor) and Bridget Adah Agiounim.

    By 2015, the Central Bank of Nigeria (CBN) aims to become the model central bank by delivering price stability conductive to economic growth. In addition, the bank hopes to achieve safe, stable, and sound financial system by encouraging credible, reliable and efficient payment system.
    To achieve all these, the CBN has recently been certified ISO20071 by the British Standards Institution (BSI) to ensure that the apex bank’s confidential information and documents are secured.
    The 20071 certification of the CBN has also been extended to all commercial banks with a directive to Deposit Money Banks (DMBs) to get their Information Security Management System (ISM) certification by the end of 2015.
    To ensure compliance, the CBN said it will set up a review committee within the Bankers Committee “and consultants would go around the banks and check for compliance with that standard on a periodic basis.”
    The benefits of ISMS include: to demonstrate leadership in compliance with information security standards; provide systematic safeguards for CBN’s information assets; improve security and ensure a reduction in risk through better understanding and enhance the CBN’s reputation not just at the national level but at the international level.
    According to Dr (Mrs.) Sarah Alade, Deputy Governor, Economic Policy of the CBN, “the aim of this programme was to significantly enhance operational efficiency and cost effectiveness of banks in Nigeria through shared services.
    The Central Bank of Nigeria, she said, “had in conjunction with the Bankers Committee committed the implementation of the selected standards as an integral part of the financial services industry infrastructure transformation programme (IITP).”
    This, she pointed out, “led to the selection of the highest standard for information security management of the CBN. The ISO 27001 – 2005 for information security framework as part of the IITP.”
    Why adopt ISO 27001? The Central Bank of Nigeria (CBN) is charged with the responsibility of governing the banks and other financial institutions under Banks and Other Financial Institutions (BOFI) Act (1991) as amended, with the sole aim of ensuring high standards of banking practice and financial stability through its surveillance activities, as well as the promotion of an efficient payment system.
    The motivation to implement the ISO27001 Standard the CBN said emerged from the need for it to take the lead in compliance with information security best practices in line with its status as the regulator of the financial services industry in Nigeria by complying with an appropriate and systematic management framework to adequately protect the Bank’s information assets, and to leverage on the opportunity for continuous operational excellence that will yield positive result on investment.
    The ISO27001 standard was identified as one of the IT standards within the financial services IITP. The process was initiated by engaging a consultant, Global Infoswift Limited (GIS), to carry out an Information Security Gap Analysis, give a roadmap where the Bank needed to move in terms of its Information Security Management System (ISMS).
    According to Afolabi Oke, Project Director, Global Infoswift Limited (GIS), his company was engaged based on their pedigree and experience, having led the First Bank of Nigeria to achieving the certification.
    Prior to commencing implementation of the ISO27001 ISMS within CBN, an information security gap analysis was conducted by Global Infoswift LTD and the results used as a baseline for determining the ISMS project approach.
    The CBN governor, Mallam Sanusi Lamido Sanusi, noted that the certification “is a clear affirmation that the Central Bank has adopted the highest framework in the world for information security management and CBN being a regulatory authority decided to take the lead in practices that are consistent with its status.”
    John Ayoh, Director, information Technology Department of the CBN, explained that “for this phase of the information security programme, we will definitely say that we have achieved our immediate objective of establishing the information security management system.
    Implementing ISO27001 has helped the CBN establish a leadership position as financial regulators not just at the national level but at the international level.
    It also gives CBN’s stakeholders a level of assurance in knowing that controls have been implemented in ensuring the safety and security of their information assets.
    Folakemi Fatogbe, Director of Risk Management Department of the CBN said they “took a pro-active approach to risk assessment and management through the use of risk management tools, leading to a more structured Risk Treatment Plan.
    The British High Commissioner expressed delight that the CBN “is the first regulatory agency in Nigeria to achieve ISO certification. That is a major achievement in itself, it is rather more important than that. It is not just a benchmark that is difficult to attain, it is a confidence-building method. The Central Bank is a verified international company by the IMF and the World Bank.”

  • Unity Bank receives IT certification

    Unity Bank Plc has received the Payment Card Industry Data Security Standard certification, the global information security standard that helps prevent card-related fraud, the lender said in a statement.

    Presenting the certificate to Unity Bank, Mrs. Adedoyin Odunfa, Managing Director of Digital Jewels, a consulting firm on the project, said Unity Bank – which currently issues MasterCard and Interswitch Verve cards to its customers – had demonstrated leadership in the industry, being the fifth bank to receive the certification in the country.

    Mrs. Odunfa said: “After achieving the ISO270001 last year, Unity Bank has shown that it is one of the banks at the forefront of good security and compliance by now attaining the PCIDSS certification. You are the second bank in the country to have attained both of those certifications. That is quite a formidable feat given that there are several other banks who may claim to be more technological advanced than Unity Bank.”

    She however, advised Unity Bank’s management not to rest on its oars. “It is a feat that is evidenced by the fact that it is a global certification and not a local one and so I will like to say that having attained this, yes, we congratulate ourselves, but we must look forward and ensure that we are able to sustain this certification. That is extremely important,” she said.

    Unity Bank’s Managing Director, Ado Yakubu Wanka said the bank is aware that banking is about confidence and as the world economy moves towards card-related transactions, it becomes more important for customers to know that their data is safe with their bank.

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

  • Banks register staff for CIBN’s certification

    Banks register staff for CIBN’s certification

    Banks have begun the registration of their workers as members of Chartered Institute of Bankers of Nigeria (CIBN) to ensure professionalism, a council member of the institute, Mr Bayo Olugbemi, has said.

    He told The Nation that banks are registering their staff across board for CIBN certification, following a recent decision taken by the institute to sanction erring banks.

    He said Stanbic/IBTC, Guaranty Trust Bank PLCand First Bank of Nigeria PLC, among others, have started the exercise to encourage growth.

    Olugbemi, who is Chief Executive Officer, First Registrar Limited, said the development was informed by the need to check quacks and further ensure that only those who are fit practise banking.

    He said: “Currently, we are trying to provoke the provision of CIBN Act 2007, which stipulates that all banking practitioners must register with the institute if they want to be relevant in the industry. A number of banks are leveraging on this initiative by registering their workers across boards. We are at the implementation stage of the exercise now. We would sanction banks that fail to comply.”

    He said banks have been directed not to allow uncertified personnel to head internal audit, risk management, among other sensitive departments.

    “You cannot appoint unqualified people to head a particular department. That is our stand. Since we are regulating banks to some extent, we must have a say in whatever they are doing in line with ethics of the profession,” he added.

    According to him, the institute will enforce the provision of the Act to ensure standard in the industry.

    He said CIBN has made its examination flexible by introducing 20 different courses for practitioners, adding that excuses would not be tolerated.

    He chided banks have turned their staff to fund mobilisers, instead of pursuing ethical standards.

    The First Registrar’s boss said CIBN regarded people that are not qualified as quacks, noting that quackery is the bane of the industry.

     

  • Lawyer earns asset recovery certification

    Lawyer earns asset recovery certification

    Former Nigerian Bar Association (NBA) General-Secretary Ibrahim Mark has been awarded the Certified Specialist in Asset Recovery (CSAR) certification.
    The International Association for Asset Recovery (IAAR) said Mark, of the City Law Firm, Abuja, is among the select group to pass the rigorous CSAR certification examination.
    IAAR said in a statement that the CSAR credential is earned by individuals who pass the rigorous four-hour examination that provides a tough and objective measure of mastering the challenging field of international asset recovery.
    “For the successful candidates, the CSAR designation is a powerful evidence of highly specialised expertise that is recogised and welcomed by law firms, corporations, courts, peers, government agencies and clients,” said the President and founder of IAAR and a former federal prosecutor, Charles Intriago.
    The certification programme is administered by the IAAR, the premier membership organisation of professionals in the field worldwide.
    IAAR said the credential is an assurance to employers, colleagues and clients that a CSAR holder is serious about increasing the sums recovered from fraudsters and financial criminals following the fall of their criminal empires.
    The exam was said to have been assembled over an eight-month period by a team of 40 leading international asset recovery professionals under the guidance of an independent psychometric firm.
    It is to ensure that the certification was technically sound and legally defensible.