Khan Bank JSC received ISO/IEC 27701:2019 Certification for Privacy Information Management Systems (PIMS)


Khan Bank JSC received IAS-accredited ISO/IEC 27701:2019 Certification for Privacy Information Management Systems (PIMS). The scope of the certification covers the implementation of PIMS for Core Banking, Retail Banking, e-Banking, Corporate Banking, SME Banking, Card Management, ATM Management, Loan Management and the associated support functions (Information Technology, Data Centre Management, Risk Management, Finance, Human Resources, Physical Security, Customer Experience and Vendor Management) at Head Office, Jukov Office, Seoul Street Office and Branch Offices, acting as data controller for the collection, processing and use of PII (Personally Identifiable Information).

Apart from this, Khan Bank JSC can also pursue compliance with the General Data Protection Regulation (GDPR) to safeguard the personal and confidential information of clients, customers, and stakeholders. The bank can also apply for Vulnerability Assessment and Penetration Testing (VAPT) and ISO 22301:2019 Certification for Business Continuity Management Systems (BCMS).

What is ISO/IEC 27701:2019 Certification?

ISO/IEC 27701 certification is well-known and universally used for Privacy Information Management Systems (PIMS). The certification aims to protect the users’ and clients’ sensitive and confidential data by offering the users control to manage their information. The ISO/IEC 27701 certification also outlines the framework for the organisation to monitor, implement, maintain, and continually improve the PIMS policy and guidelines. 

The ISO/IEC 27701 standard is an extension to ISO/IEC 27001:2022 Certification for Information Security Management Systems (ISMS). It also defines controls for organisations acting as Personally Identifiable Information (PII) processors and controllers.

Benefits of ISO/IEC 27701 standard for Khan Bank JSC

The following are the benefits of ISO/IEC 27701 for Khan Bank JSC:

  • Khan Bank JSC must carry out a privacy impact assessment (PIA) to remove non-conformities. It also provides agility to organisations and helps them incorporate changes into PII.
  • Khan Bank JSC is required to implement data protection controls based on the principles of PIMS. As a result, the certification provides better controls for the organisation to maintain and monitor the confidential data of clients and customers.
  • Khan Bank JSC shall implement appropriate controls and security measures to safeguard PII against unauthorised access, destruction, and modification.
  • The certification requires the organisation to prepare an appropriate plan to respond to malware and data breaches.


Khan Bank JSC has received IAS-accredited ISO/IEC 27701:2019 Certification for Privacy Information Management Systems (PIMS). Obtaining ISO/IEC 27701 certification demonstrates the bank’s commitment and dedication to safeguarding the private and sensitive data of clients, customers, and stakeholders.

