Fairfirst’s focus on maintaining best-in-class technological practices is closely associated with its brand values of Empathy, Authenticity, Transparency, and Social Responsibility. As a result, the company’s effort to uphold such high standards at all times is evident in the recent accomplishment of renewing its ISO/IEC 27001:2013 Certification for the fourth consecutive year. Renewal of this Certification has been authorized by Bureau Veritas Lanka (Pvt) Ltd. following a four-day comprehensive audit, a spokesman for the Company said.
ISO 27001 is an accreditation awarded by the International Organization for Standardization (ISO), which contains a set of high-level standards for handling information securely. This set of standards helps organisations keep their information assets secure. The cornerstone of ISO 27001 is the assessment and management of risk. To obtain this certification, a company must design and implement an Information Security Management System (ISMS) containing relevant controls to ensure the confidentiality, integrity, and availability of information, he added.
The ISO 27001 provides requirements for the ISMS, outlines a set of best practices, and details the security controls to manage information risks. The ISMS addresses not only how the technology handles information, but also how people and processes within a business can handle information securely.
The recertification of ISO/IEC 27001:2013 covers the scope of Fairfirst’s Data Centre’s Internal Operations, Infrastructure, Support Services, Management, and Maintenance of Hosting of Network Services by ensuring confidentiality, integrity, and availability of information assets. Therefore, establishing, implementing, maintaining, and continually improving an ISMS within the context of Fairfirst’s operations has resulted in its assurance of consistently providing products and services that meet the needs and expectations of the customers, which improve working relationships and retains existing clients, he said.
Further, committing to information security via the Standard gives Fairfirst a competitive advantage, which allows them to stand out through the clutter as an entity that respects and is sensitive about Information Security when dealing with modern-day clients, be it an individual or a business.
Fairfirst Insurance Chief Technology Officer, Clement Fernandopulle said, “Trust is important to us, and we’re committed to protecting our clients’ data. We believe that having the highest standards of information security for ourselves and our clients sets us apart from the competition. And we can guarantee this because the ISO /IEC 27001:2013 certification provides a framework and checklist of controls that allow us to maintain a comprehensive and continually improving model for information security management. Further, auditing our processes every six months helps us to ascertain our information security.”