TMCnet News
NIMC Receives Information Security Certification(AllAfrica Via Acquire Media NewsEdge) The National Identity Management Commission (NIMC) has been awarded the ISO 27001 certification for information security management. The organisation said the certification has confirmed that all sensitive citizens and client information are secured and managed at the highest international standards. Speaking to newsman, the Director-General/CEO of the Commission, Mr. Chris Onyemenam, said the successful ISO 27001 certification audit for the Commission showed that all activities in and around the NIMC was up to security recommendations and standards. Onyemenam explained that the International Organization for Standardization (ISO/IEC) 27001certification is the international code of practice for Information Security Management System (ISMS). "It formally specifies a management system that brings information security under explicit management control; before an organization can adopt the ISO/IEC 27001 standard, it has to be formally audited and certified as compliant with the standard," he said. Onyemenam also explained that the ISO 27001certification means that NIMC has been independently verified and awarded the only internationally recognised and most prestigious information security standard available. "To get the certification, the Commission has to ensure that all information gathered in and around the workplace was well protected; since it has become increasingly reliant on information technology systems." He added that protecting the NIMC assets becomes more important than ever before because "as the NIMS Project progresses, it will become more complex and interconnected, increasing potential risk to its operations; by attaining the ISO 27001 certification, NIMC's Information Security Management System (ISMS) is rated as compliant with best international practice, controls and industry standards. "The ISO 27001 management system is for the protection of information assets from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities," he said. Some other benefits of this certification, he noted, include demonstrable commitment to security by the organisation, legal and regulatory compliance, better risk management, commercial credibility, confidence, and assurance, reduced costs, clear employee direction and improved awareness. According to the NIMC boss, this standard applies to all information of NIMC which includes but is not limited to the national identity database, network and communication links, work stations (laptops, desktops), servers, software, network devices (switches, Wireless routers, wired routers, gateways, bridges), network accessories (cables etc), software licenses, printers, scanners, data capture machines and all associated data and information. NIMC said the Ambassador/Head of Delegation of European Union (EU) to Nigeria and the Economic Community of West African States (ECOWAS), His Excellency, Ambassador Michel Arrion had cautioned the Commission to be careful with human rights issues and protect data captured from citizens and legal Residents of the country with every sense of authority, discipline and integrity. "With this certification, the ISO 27001 provides the commission with the assurance of knowing that all NIMC information is protected; every reputable organisation strives for this because it helps improve the efficiency and effectiveness of any work place. "The ISO 27001 certification audit is the foremost auditable information security standard subscribed to by about 150 countries globally," Onyemenam explained. Copyright This Day. Distributed by AllAfrica Global Media (allAfrica.com). |