Zenith Bank Ghana Limited, one of the most reputable and innovative banks in Ghana, has now obtained the internationally recognized ISO27001:2013 and PCI DSS Certifications.
ISO 27001:2013 is an information security standard published by the International Organisation for Standardisation (ISO) and International Electro technical Commission (IEC), under the joint ISO and IEC subcommittee. The standard specifies the requirements for establishing, implementing, maintaining and improving information security management across systems, people and processes. It also includes requirements for the assessment and treatment of information security risks specifically tailored to the needs of an organisation.
On the other hand, PCI DSS compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders’ personal information. PCI DSS compliance is required by all card brands. It is the global standard that any organization of any size must adhere to in order to accept payment cards, and to store, process, and/or transmit cardholder data.
These certifications will, amongst other things:
- Improve the Bank’s information security posture and in turn minimize our exposure to risks by implementing necessary controls in our procedures, processes and systems;
- Enhance the Bank’s brand perception and lend credence to the Bank’s aspiration to be the preferred financial institution in the country;
- Protect the privacy of customer information by safeguarding its confidentiality, integrity and availability;
- Reassure our customers that the Bank has put in place best practices to control and mitigate risks; and,
- Enrich customer experience with the Bank’s products and services.
Henry Oroh, Managing Director/Chief Executive Officer of Zenith Bank, said: “We are delighted to have achieved this momentous milestone. Our bank has taken another major stride in ensuring compliance with regulatory requirements in the implementation of an Information Security Management System (ISMS) that is compliant with the requirements of the International Organization for Standardization (ISO/IEC 27001:2013), as well as the Payment Card Industry Data Security Standard (PCI DSS) certification. This reinforces our commitment to embracing global best practices in ensuring the integrity of our customer data and a secure operating environment.”
The Bank employed the services of a renowned Information Value Chain consulting firm Digital Jewels Limited, to guide the Bank in obtaining these certifications. The audits and compliance validation were performed by independent auditors.
According to the CEO of Digital Jewels, Mrs. Adedoyin Odunfa, the ISO27001 standard consists of management clauses and controls that aim to instill a continuous improvement culture focused on securing and protecting information assets. For Zenith Bank Ghana, this entailed implementing processes and technology and developing skills and competencies required to safeguard critical assets. Essentially, the standard aims to take a risk-based approach to ensure the proper treatment of all risks to the institution, the Implementation of a consistent and integrated ISMS, and compliance with best practices in Information Security. The PCIDSS standard on the other hand is focused on securing card holder data in organizations that process, store or transmit such sensitive information. It is a more technical standard focused on a large set of mandatory technical and process based controls.”
While this is a significant milestone for the Bank, and a proof of the Bank’s commitment to comply with internationally recognized security standards, it is just the beginning of a long journey to enhance the Bank’s Information Security status and capability. The Bank remains fully committed to sustaining the highest standards of security for all its products, services and platforms in compliance with regulatory requirements of the Bank of Ghana and in the best interest of its valued stakeholders.
About Zenith Bank
Zenith Bank (Ghana) Limited, a subsidiary of Zenith Bank Plc, was incorporated in April 2005 under the Banking Act 2004 (Act 673) as a private limited company and commenced universal banking operation in September 2005. The bank’s parent, Zenith Bank Plc, has built a reputation as one of Nigeria’s strongest banking brands and one of the country’s largest banks by market capitalization, profitability and total assets.
Zenith Bank Ghana has followed sturdily in the footprints of its parent and is currently one of the strongest and most profitable banking brands in Ghana. Zenith is also one of the largest banks by asset size in the country. The Bank’s branding has been anchored on continuous investment in people, technology, and excellent customer service.
The Bank currently has thirty seven (37) business offices (branches and agencies) in Ghana. Other service delivery channels include the Bank’s numerous ATMs and Points of Sale terminals strategically located in various cities and towns countrywide. The bank also offers mobile and internet banking services which enable customers to access banking services on-the-go. Zenith’s main objective for deploying these state-of–the-art delivery channels is to bring banking services closer to its customers while ensuring the service is faster, easier and better than anything customers have ever experienced.
Over the last thirteen years, Zenith has improved its capacity, size, market share, and industry rankings in all parameters. The Bank has built financial, structural and technological muscle and has established its presence across the country.
Zenith Bank is a customer focused bank that places utmost priority on the satisfaction and delight of its customers. Recognising that the Bank is in business because of the invaluable support and patronage of customers, Zenith Bank has ensured that excellent customer experience is at the centre of its customer service strategy.
Zenith Bank’s goal is to be THE MARKET LEADER, in the next five (5) years with its key focus areas centred on Customer Service delivery, financial performance and brand repositioning.
About Digital Jewels Limited
Digital Jewels Limited is the only certified ISO27001/ISO9001 PCIDSS QSA professional services firm in Africa responsible for supporting the most progressive organisations in Africa today to gain accreditation to global best practice standards such as ISO27001, ISO20000, ISO22301, PCIDSS and other related standards. Digital Jewels is the leading IT GRC Consulting and Capacity Building Firm with a footprint across 9 African Counties including Ghana, Nigeria, Kenya, Rwanda and others.
