VPBank awarded ISO/IEC 27001:2013 certification


VPBank has achieved the ISO/IEC 27001:2013 standard for its Information Security Management System (ISMS), applying to the provision of services to fully anonymise data and provide analytic services to external customers.

VPBank's representatives receive the ISO/IEC 27001:2013 standard for its Information Security Management System (ISMS). — Photo courtesy of the bank

VPBank has achieved the ISO/IEC 27001:2013 standard for its Information Security Management System (ISMS), applying to the provision of services to fully anonymise data and provide analytic services to external customers.

A representative from VPBank said the certification has shown the bank’s efforts to promote its prestige and image to its shareholders, partners and customers as well as following State’s regulations on information security.

To achieve the certification, VPBank has built high quality IT human resources, investing in advanced security solutions and services. It has also built a system of policies, regulations and process to ensure information security.

The application of the ISO/IEC 27001: 2013 would help the bank improve its security for IT services, reduce risks and improve service quality as well as customer reliability. In addition, the certification will raise awareness of VPBank's staff in information security as the financial industry is gradually modernised.

“In our development orientation, VPBank has always paid attention to building a suitable IT security system following international standards. The ISO/IEC 27001: 2013 certification would be a start for our long road ahead as we would continuously maintain and improve our system to reduce risks of information security,” he added.

ISO/IEC 27001: 2013 is one of the leading international standards for IT security management system. The standard was published for the first time in 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to guide businesses to assess risks and implement appropriate controls to preserve the confidentiality, integrity, and availability of assets and information systems. — VNS

  • Share: