Sri Lanka Insurance achieves milestone with ISO/IEC 27001:2013 certification for information security management

Wednesday, 10 January 2024 00:00 -     - {{hitsCtrl.values.hits}}

From left: SLIC Deputy General Manager - Digital Transformation Rajaratnam Ruban, SLIC Chief Information Officer Aloka Jayawardena, SLIC Group Chief Executive Officer Chandana L. Aluthgama, Bureau Veritas Country General Manager Shan Nanayakkara, Bureau Veritas Manager - Marketing & Sales – Certification Service Line Subash De Silva and Bureau Veritas Business Development Executive Basith Ali


In a significant achievement, Sri Lanka Insurance (SLIC), the country’s largest and strongest insurance provider, has been successful in receiving the ISO/IEC 27001:2013 standard accreditation, the foremost benchmark for Information Security Management Systems (ISMS). 

This marks the first time Sri Lanka Insurance has received this prestigious certification, emphasising the company’s unwavering commitment to information and data security. The certification was awarded by Bureau Veritas Lanka subsequent to a comprehensive audit.

ISO/IEC 27001:2013 is the globally recognised standard for Information Security Management Systems, providing a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity and availability. This certification validates that Sri Lanka Insurance has implemented robust security measures to protect the confidentiality, integrity, and availability of its information assets.

Sri Lanka Insurance’s dedication to information and data security goes beyond compliance; it is a commitment to safeguarding customer trust and maintaining the highest standards of confidentiality. With this certification, customers can be assured that their sensitive information is handled with utmost care and protected against potential threats.

Commenting on the achievement, SLIC Group Chief Executive Officer Chandana L. Aluthgama stated, “Obtaining the ISO/IEC 27001:2013 certification is a testament to our relentless pursuit of excellence in information security. At Sri Lanka Insurance, we recognise the importance of safeguarding our customers’ sensitive information and have invested significantly in ensuring the highest standards of data protection. This achievement reflects our dedication to providing secure environment for our customers and strengthens our position as a leader in the insurance industry.”

ISO/IEC 27001:2013 is an internationally recognised standard developed by the International Organisation for Standardisation (ISO) and the International Electro-technical Commission (IEC). It outlines the requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The certification is awarded by accredited certification bodies after a thorough assessment of an organisation’s information security practices.

Sri Lanka Insurance’s attainment of the ISO/IEC 27001:2013 certification showcases its commitment to global best practices in information security, providing customers and stakeholders with the assurance that their data is handled with the highest level of care and diligence.

COMMENTS