The Securities and Exchange Commission of Pakistan has secured Phase2 of International Organization for Standardization certification for its Information Security Management System. The certification testifies that the information handling and security (Physical & Environmental Protection) at its all departments has been managed in accordance with globally accepted standards and protocols.
The ISO 27001 is the international standard which is recognized globally for managing risks to the security of information. An independent international audit firm, M/s. Resource Inspection Canada Incorporated validated and certified SECP’s compliance with this standard. The audit adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving of ISMS.
ISO/IEC 27001 is the most widely used information security standard prepared and published by the International Organization for Standardization, the world’s largest developer of voluntary international standards. It includes requirements on how to implement, monitor, maintain, and continually improve an Information Security Management System within the context of the organization and its business needs.