TheCable

The National Identity Management Commission (NIMC) has passed the ISO/IEC 27001:2013 re-certification audit.

Kayode Adegoke, NIMC head of corporate communications, said success in the re-certification exercise means that the NIMC now operates an information security management system (ISMS) that protects the data of the citizens in line with the requirements of ISO 27001:2013.

ISO 27001 is the international standard recognised for managing risks to the security of information held by an entity.

The re-certification exercise which involved evaluation of people, technology and processes within the commission was conducted by the British Standard Institute (BSI).

“The exercise, therefore, demonstrates the commission’s continuous strive for quality and safety of our systems, products and services, while embracing innovation to always perform at the optimum,” Adegoke said in a statement.

The NIMC first passed the ISO/IEC 27001:2013 certification audit in 2014.

The audit requires renewal every three years.

While receiving the certificate on behalf of the commission, Aliyu Aziz (pictured), NIMC director-general, said: “The NIMC has maintained this certificate since 2014, with an annual surveillance audit being carried out ever since by an independent third party to ensure compliance with the requirements of the standard.”

He added that “this re-certification underscores the commission’s commitment to applying global information security best practices in protecting citizens’ information while also building a culture of security and privacy in line with our organizational mandate.”

The re-certification is valid until April 21, 2020.