Access Bank Gets ISO, PCIDSS Certifications
In line with its commitment to provide exceptional experience to customers, Access Bank Ghana has received certification for ISO: 27001, ISO: 22301 and PCIDSS standards.
Together, the three certifications, which were issued upon review of the Bank’s Information Technology, Risk Management and Channel Service operations, will guarantee data protection and transaction security for customers.
Commenting on the certification, the Chief Operating Officer of Access Bank Ghana, Mr. Ade Ologun said, “This is welcome news for us and all our stakeholders as it would reassure them that they can trust our business and be guaranteed of continuous improvement in the quality of service delivery. It further shows that the Board and Management of the Bank are committed to meeting internationally accepted standards regarding its banking operations here in Ghana particularly on Information Security, Business Continuity Management and Card transactions.”
Mr. Ologun further noted that besides improvements in the Bank’s resilience to cyber-attacks and reduction in the cost of business interruption insurance, the new certifications will help create an even better working environment for employees.
Access Bank employed the services of a reputable IT Governance, Risk & Compliance consulting firm, Digital Jewels Limited, to guide the Bank in obtaining these certifications. The audits and compliance validation were performed by independent auditors.
Speaking on the certifications, the CEO of Digital Jewels, Mrs. Adedoyin Odunfa stated that attaining certification to these three globally acclaimed best Practice Standards in one exercise was a significant achievement that required a strong commitment from the management team and hard work from staff.
She remarked that by attaining these certifications in information security and business continuity, the Bank had commenced a continuous improvement journey to strengthen its resilience to cyber threats alongside a wide range of other threats that can impact its performance, competitiveness and indeed continuity.
Digital Jewels, a PCIDSS QSA company with a strong track record of providing end-to-end support in implementing and certifying to global best Practice Standards, led the Bank through an integrated approach which ensured the Bank benefitted from synergies across the 3 standards whilst still ensuring adequate rigor was applied.
The ISO certification, which is valid for a period of three years, is subject to satisfactory surveillance audits and will also be used as a management measuring tool. The tool will be used to evaluate Access Bank’s ability to resolve information security, business continuity and card transaction issues and prescribe necessary remedies to ensure that customer needs and expectations are consistently met and surpassed.
Founded on February 23, 1947, ISO (International Organisation for Standardisation) is an international standards-setting body composed of representatives from various national standards organizations. It develops and promulgates standards which seek to ensure desirable characteristics of products and services such as quality, environmental friendliness, safety, reliability, efficiency and interchangeability -- all at an economical cost. It has its headquarters situated in Geneva, Switzerland.
Access Bank Ghana has over the last decade demonstrated a passion to deliver excellent services to its customers leading it to receive its first ISO 9001:2008 certification in 2015. The Bank continues to invest in its digital banking infrastructure to ensure customer satisfaction.
Today, Access Bank is recognized as one of the largest retail banks in Ghana based on its huge customer base and large network of branches. The Bank is a member of the Access Bank Group, headquartered in Nigeria with presence in 7 African countries, UK, the Middle East and Far East.
About ISO: 27001, 22301 and PCIDSS
The ISO: 27001 standard specifies the requirements for establishing, implementing, maintaining and improving information security management and also includes requirements for the assessment and treatment of information security risks specifically tailored to the needs of an organisation. ISO 22301 is intended to help the Bank prepare its business processes for crisis situations and to continue operations even under difficult circumstances.
PCIDSS guarantees the Bank’s adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information. PCIDSS is the global standard that any organization of any size must adhere to in order to accept payment cards and to store, process, and/or transmit cardholder data.