ENTERPRISE Group PLC has attained an ISO/IEC 27001:2022 Certification, reinforcing its commitment to safeguarding customer data in an increasingly digital and cyber-threatened environment.
The certification, completed after a rigorous assessment process, marks what the company describes as a significant milestone in its corporate governance and data protection journey.
It places Enterprise among institutions aligning with global best practice in information security management, at a time when data protection and privacy have become critical pillars of corporate accountability and customer trust.
Speaking at a short ceremony in Accra on Tuesday to formally present the certificate to the company, the Group Chief Executive Officer (CEO) of the Group, Daniel Larbi Tieku, said the move was aimed at assuring customers and stakeholders that their information was safe with the Enterprise Group.
“Today’s world is driven by data. Corporates and institutions take decisions based on data, and when customers trust you with their financial and bio data, it is only professional and logical that you safeguard that information on their behalf,” he said.
He explained that with cybersecurity becoming a major concern for corporate entities globally, it had become imperative for organisations to put in place tested systems and processes to protect the integrity of customer information.
He said the certification process required the company to review and strengthen its governance structures, internal controls, policies and procedures relating to information security.
“The process assures our customers that we are able to deliver on our promise. It demonstrates that our systems and processes have been tried and tested to protect the integrity of the data we keep on our customers,” he stated.
The Group CEO, however, emphasised that attaining the certification was not an end in itself but the beginning of a continuous improvement journey.
Governance assurance
The Lead Auditor of the certification body, Interdigicert Kenya Limited, Eric Odae, who spoke on the certification, said the milestone demonstrated Enterprise’s adherence to strict governance assurance, data privacy and cybersecurity standards.
“It goes beyond compliance; the organisation had to implement structured controls and frameworks around governance, information security, data protection and cyber security to meet the requirements of ISO 27001:2022.”
“When we talk about confidentiality, integrity and availability, we are referring to the assurance that customer data is protected from unauthorised access, that the integrity of information is maintained and that systems remain accessible when needed,” he stated.
However, he warned that the true value of the certification lies in daily discipline, vigilance and sustained risk-based thinking.
Source:
www.graphic.com.gh