In a significant achievement, Sri Lanka Insurance, the country’s largest and strongest insurance provider, has been successful in receiving the ISO/IEC 27001:2013 standard accreditation, the foremost benchmark for Information Security Management Systems (ISMS). This marks the first time Sri Lanka Insurance has received this prestigious certification, emphasising the company’s unwavering commitment to information and data security. The certification was awarded by Bureau Veritas Lanka (Pvt) Ltd. subsequent to a comprehensive audit.
ISO/IEC 27001:2013 is the globally recognized standard for Information Security Management Systems, providing a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability. This certification validates that Sri Lanka Insurance has implemented robust security measures to protect the confidentiality, integrity, and availability of its information assets.
Sri Lanka Insurance’s dedication to information and data security goes beyond compliance; it is a commitment to safeguarding customer trust and maintaining the highest standards of confidentiality. With this certification, customers can be assured that their sensitive information is handled with utmost care and protected against potential threats.
Commenting on the achievement Group Chief Executive Officer of Sri Lanka Insurance Mr. Chandana L Aluthgama stated, ‘Obtaining the ISO/IEC 27001:2013 certification is a testament to our relentless pursuit of excellence in information security. At Sri Lanka Insurance, we recognise the importance of safeguarding our customers’ sensitive information and have invested significantly in ensuring the highest standards of data protection. This achievement reflects our dedication to providing secure environment for our customers and strengthens our position as a leader in the insurance industry.’
ISO/IEC 27001:2013 is an internationally recognized standard developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It outlines the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The certification is awarded by accredited certification bodies after a thorough assessment of an organization’s information security practices.
Sri Lanka Insurance’s attainment of the ISO/IEC 27001:2013 certification showcases its commitment to global best practices in information security, providing customers and stakeholders with the assurance that their data is handled with the highest level of care and diligence.