Nations Trust Bank PLC has been certified ISO/IEC 27001:2013 Information Security Management Systems (ISMS) compliant for its Management of Information Security pertaining to IT Services and Infrastructure provided by the Information Technology division.

ISO/IEC 27001:2013 is the de facto international standard for Information Security Management System. The standard included 18 domains and 114 controls to ensure protection of information assets. It adopts an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.  

There are overwhelming amount of reports suggesting that Internet facing systems receive number of probes every day. Current threat landscape has changed rapidly resulting businesses to firefight against attackers to protect their information systems.

ISO/IEC 27001:2013 Certification enforces most stringent controls to ensure ample security measures are implemented to protect Bank’s information assets. The ISMS management system provides a framework for establishing information security policies, procedures and associated practices, risk assessment and risk treatment, management of information assets, human resources security, operational security, physical and environmental security, communication and operational security, acquisition and maintenance of information systems, information security incident management, vulnerability management, compliance, security in supplier management and business continuity and disaster recovery.

Key benefits of being certified by ISO27001 are Management commitment to protect information security is sets tone from the top, provides framework for addressing security issues by helping to identify and manage risks, provides assurance to management , customers and business partners, improves security awareness within Bank, improves repeatability of good practices.