The certification signifies that Futurebank’s IT operations conform to the Information Management System Standard – ISO/IEC 27001:2005.
Futurebank is one of the first banking institutions in the Kingdom to have compliance to ISO 27001 standard, audited by TÜV SÜD South Asia, which is a subsidiary of Germany- based TÜV SÜD Group. The ISO 27001 certification is the foremost international standard for information security management systems.
The certification scope covers Management of Information security for providing Infrastructure Setup and Support, Application Support and Maintenance, Backup, Helpdesk, Network Management, and System Administration.
Futurebank Chairman Dr. Hamid Borhani and Chief Executive Officer Dr. Valiollah Seif received the certificate on behalf of the bank, during Futurebank’s first Board of Directors meeting of 2009.
Dr. Hamid Borhani Chairman, Futurebank said “Receiving the ISO/IEC 27001:2005 certification is a milestone achievement for the bank and underlines Futurebank’s commitment to excellence and to adhering to world- class Information Security standards.”
Dr. Valiollah Seif, Chief Executive Officer and Managing Director, Futurebank said,
“Our employees realise the paramount importance of information security in the banking industry and this validation from the TÜV SÜD Group further reinforces our ability to deliver secure banking services to our valued customer base. The certification and audit was performed in a highly efficient and timely manner and I would like to recognise the efforts of our skilled IT Department who played a pivotal role in this process,”
Mr. Hossein Rezaee, Head of IT said, “Futurebank is dedicated to providing the highest quality of products and services to its customers and the implementation of this world- renowned certification will further reassure our customers about the high calibre of the systems we have in place to safeguard their information with us.“
ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the bank’s overall business risks. The certification is designed to ensure the selection of adequate and proportionate security controls that protect information assets.
TÜV SÜD conducted the audit in two specific stages. Stage One involved a review of all Futurebank security and risk related documentation including the Statement of Applicability (SoA) and Risk Treatment Plan (RTP).
Stage Two included a detailed audit and testing of the effectiveness of the information security controls stated in the SoA and RTP.
Monday, February 2- 2009 @ 16:22 UAE local time (GMT+4) Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of Mediaquest FZ LLC.