Bank of Kigali PLC announces to have been ISO 27001:2013 certified early this year, an indicator that the Bank has met global standards in processing and storage of the information assets as required by the framework for Information Security Management System (ISMS). This includes all policies, procedures and processes relevant to how bank’s information assets are controlled and used.

The ISO 27001:2013 Certificate was awarded to Bank of Kigali PLC by the International Organization for Standardization (ISO), which is a global body that collects and manages various standards for different disciplines anchored by Certification Board (PECB).

Digital Jewels, an IT GRC Consulting and capacity building Firm certified to the Global Information Security and Quality Management Standards (ISO27001 & ISO9001) with deep competences in Information and Cyber Security, IT Governance and Project Management provided support to Bank of Kigali PLC towards the achievement of its certification to the global Information Security Standard - ISO27001.This process based management standard is focused on securing the Bank’s information assets and managing downside risk. The ISO27001 standard consists of management clauses and controls that aim to instil a continuous improvement culture focused on securing and protecting information assets.

“For Bank of Kigali Plc, the process for attaining certification to the standard was rigorous and involved widespread capacity building, an assessment of the Bank’s processes, policies and procedures against the requirements of standard, an assessment of the risks to its information assets, a plan and process to treat unacceptable risks, a period of remediating gaps in physical, technical and administrative security and then preparing for and getting certified though audit” testified Adedoyin Odunfa Digital Jewels’ Managing Director

The certification testifies that Bank of Kigali’s systems are cyber resilient and protects the confidentiality, integrity and availability of information assets from all threats in relation to the processing, transmitting and storing sensitive information. This is an indication that the bank’s key ICT infrastructure and information are protected and administered according to the accepted international standards.

“This certification is a statement of our commitment towards our customers to increase their satisfaction. We are dedicated to continue working hard to ensure the safety of our customers’ data, put extra effort to improve digital transactional channels thus help our clients feel safe to bank with us” said Dr. Diane Karusisi, Bank of Kigali CEO.

Innocent Muhizi, CEO of Rwanda Information Society Authority (RISA) congratulated Bank of Kigali for the great milestone and urged more institutions to enhance protection of customers’ sensitive data.

“The certification is a fruit of Bank of Kigali’s efforts to protect data of its clients, staff and partners. This great milestone proves its credibility and reflects great relevance attached to valuing customers,” he said

The ISO certification comes at a time when Bank of Kigali and the entire financial sector are embarking on rolling out digital services and financial technology which could be compromised by cyber security threats.