ISLAMABAD: The Securities and Exchange Commission of Pakistan (SECP) has successfully completed the phase-1 scope and audit of security standard certification ISO/IEC 27001:2013 for its Information Security Management System (ISMS).
Celebrating this achievement, Chairman SECP Aamir Khan said, “We are proud to have earned this certification, attesting that our highest level of controls is in place when handling SECP’s and its regulated information.” He said the SECP has even established a governance program that includes the Information Security -Governance, Risk Management and Compliance Council (IS- GRCC) whose job is to support the ongoing information and cyber security enhancements.
“With ISO 27001 ISMS certification, we are effectively meeting the industry benchmark towards complying with information and cyber security standards,” the SECO chairman further said in a press statement.
The one of widely accepted and globally recognized certifications enables organizations to identify, prevent and defend potential security vulnerabilities. The ISO/IEC 27001:2013, awarded by the International Organization for Standardization encompasses the requirements for establishing, implementing, maintaining the information technology security techniques. This certification will help organizations keep confidential information secure, provide customers and stakeholders with confidence in how they manage risk and allows for secure exchange of information and provide them a competitive advantage.
Obtaining this certification demonstrates SECP’s strong commitment to the ongoing development and continuous improvement of its enterprise ISMS, making information security and data protection an integral part of all its business processes.
The ISO/IEC 27001:2013 certification is a showcase of SECP’s overall strategy to ensure that its key IT, data centre, human resource security, physical and environmental protection and social media security services comply with the highest international and regional standards, and that its services are based on globally accepted standards and protocols. To hold this qualification as one of the regulatory bodies of Pakistan is a significant achievement for the SECP, concluded the statement. – TLTP