World class standard for SriLankan Airlines’ IT systems

SriLankan Airlines has been awarded the ISO/IEC 27001:2005 accreditation for its Information Security Management System (ISMS), certifying that its business operations conform to global standards in information security.

The National Carrier is one of less than half a dozen companies in Sri Lanka to obtain this certification and stands tall as one of the few airlines in the world to obtain this certification.

SriLankan’s Head of Information Technology Kamal Nanayakkara said: “We are proud to say that we achieved the certification solely with in-house expertise unlike most other companies which relied on external partners.”

SriLankan’s IT systems have in recent times achieved global recognition. Last November, the UK ’s Chartered Institute of Management Accountants (CIMA) awarded it global second place for its groundbreaking efforts in Business Intelligence.

The airline also won two Platinum Awards from the International Air Transport Association (IATA) last year as one of the first airlines in the world to introduce a major innovation to tickets. SriLankan also won a Merit Award at the Sri Lanka ’s National Best Quality Software Awards 2010.

 “The ISO/IEC 27001:2005 standard signifies information security governance with explicit management control. All customers, business partners and other stakeholders can now be fully assured with regard to the security of any data stored and processed at SriLankan’s IT Division. This certificate is also proof of our comprehensive programmes to ensure business continuity in the face of unforeseen challenges in the future,” said Nanayakkara.

ISO/IEC 27001:2005 details a management system to provide the highest level of management control for information security. The standard has been set by the International Organization for Standardization (ISO), and the International Electrotechnical Commission (IEC). The United Kingdom Accreditation Services (UKAS) accredited certification was awarded to SriLankan following a stringent audit by Det Norske Veritas of The Netherlands.

ISO/IEC 27001:2005 audits an organization’s systematic approach to the Management of Information Systems Security, the effectiveness of an organization's commitment, and comprehensive implementation of controls to protect and safeguard the confidentiality, integrity and availability of information.

SriLankan’s IT systems have also made remarkable progress in the area of environmental conservation – significantly reducing energy usage and emissions throughout the Airline’s worldwide network of offices. The airline currently operates to 51 cities in 32 countries.