Online Reporter
Herald Reporter
FBC Holdings has attained ISO/IEC 27001:2022 certification, an internationally recognised standard for information security management systems, marking a major milestone in the group’s efforts to strengthen information security, governance and risk management.
The certification covers the group’s operations, including FBC Bank, Crown Bank, MicroPlan, FBC Insurance, FBC Reinsurance and FBC Securities.
In a statement yesterday, FBC Holdings said the certification was achieved following months of preparation, independent audits, comprehensive risk assessments and organisation-wide collaboration involving teams across the group.
ISO/IEC 27001:2022, developed by the International Organisation for Standardisation (ISO), provides a framework for identifying, assessing and managing information security risks while ensuring organisations implement appropriate controls to protect sensitive information.
FBC Holdings Group chief executive Mr Trynos Kufazvinei said the certification reflected the group’s commitment to protecting information entrusted to it by customers, employees, shareholders and other stakeholders.
“The attainment of ISO/IEC 27001 certification is a landmark achievement for FBC Holdings and reflects our unwavering commitment to protecting the information entrusted to us by our customers, staff members, shareholders and stakeholders,” he said.
“In an increasingly digital and interconnected world, information security is not merely a technical requirement; it is a strategic imperative. This certification demonstrates that we have embedded internationally recognised best practices into our operations and reinforces our promise that our customers can engage with us confidently, knowing that their information remains secure.”
FBC Holdings said information security had become increasingly important as the group manages customer data, financial transactions and other sensitive records across its diversified financial services operations.
The group said the certification demonstrates that it has implemented a mature information security management system supported by robust security controls, comprehensive risk management processes and strong governance frameworks.
