19 September 2017

Rwanda: What the New Iso Certification Means for Central Bank

The National Bank of Rwanda early this month received International Organisation for Standardisation (ISO) certification for meeting standards in Information Security Management System.

The bank received ISO 27001:2013 certification becoming the first institution in the country as well as in the East African Community.

The certification means that the regulator has met global standards in processing transmission and storage of digital information and information processing assets of the bank.

According to experts, the certification means that bank's systems can protect the confidentiality, integrity and availability of information assets from all threats in relation to the processing, transmitting and storing sensitive information.

The certification follows processes of establishing and implementing risk based information security controls as well as updating operational procedures of business functions.

According to the regulator's ICT officers, the bank also moved to comply with statutory regulatory requirements and contractual security obligations as well as spreading security awareness amongst staff, interns, service providers, third party contractors and end users of the bank's information systems.

The certification comes at a time when the country and the central bank are embarking on rolling out cashless economy systems and financial technology which could be compromised by cyber security threats.

Information security

According to a statement by the central bank, in light of the ever-growing cyber security threats, the development adds a layer of information security governance where by the bank's key ICT infrastructure are protected and administered according to the accepted international standards.

"BNR being ISO 27001:2013 certified as the central bank and a regulatory body in the financial sector was also determined by its parties including staff, service providers, network providers, assessors and auditors, vendors and suppliers of goods and services, customers both financial sectors, public institution, ministries, statutory authorities like World Bank, IMF, African Development Bank (ADB," the statement reads in part.

Justin Rurazi, the director-general of ICT development at the central bank, told The New Times last week that the global certification is a chance for them to set standards for players in the financial sector in the Information Security Management System.

"Now that the National Bank of Rwanda is certified, it serves to increase the confidence in the security of our systems amongst players as we roll out cashless systems in the country," he said.

The ranking also serves to build trust and confidence among the interested parties that their data and other information is protected, thereby improving the value and customer satisfaction.


Mobile Phone Subscriptions Grow By 1%

The number of Rwandans using mobile phones increased marginally at the end of July, the latest mobile telephone… Read more »

See What Everyone is Watching

Copyright © 2017 The New Times. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 700 reports a day from more than 140 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.