PenCom Recertified for ISO 27001:2022
By Patience Ikpeme
The National Pension Commission (PenCom) has successfully achieved recertification under the internationally recognized ISO 27001:2022 standard for Information Security Management Systems (ISMS).
This accomplishment underscores PenCom’s dedication to safeguarding the sensitive data of Nigeria’s pension contributors and retirees.
In a statement released by the Commission, Director-General Ms. Omolola Oloworanran emphasized the significance of the ISO 27001:2022 standard, which provides a robust framework for organizations to protect their information assets.
PenCom’s recertification, following a rigorous audit by the Professional Evaluation and Certification Board (PECB), Canada, confirms its adherence to the highest standards of data security.
The ISO 27001:2022 certification covers four key control categories: Organizational, People, Physical, and Technological. PenCom’s successful evaluation across these areas demonstrates its commitment to establishing and maintaining robust security measures.
Ms. Oloworanran noted that PenCom’s previous certification under ISO 27001:2013 in 2021 laid a strong foundation for its commitment to data security. However, the transition to the latest standard was necessary to address the evolving nature of cyber threats and ensure that PenCom’s security measures remain aligned with industry best practices.
As the regulator of Nigeria’s pension industry, PenCom plays a crucial role in overseeing the management and security of the nation’s pension data. The Commission’s recertification provides assurance to stakeholders that their personal and financial information is protected from unauthorized access, breaches, and other security incidents.
PenCom’s commitment to information security extends beyond compliance with the ISO 27001:2022 standard. The Commission is actively investing in technology, staff training, and process improvement to ensure that its security measures remain effective in the face of emerging threats.
This recertification also enhances PenCom’s capacity to guide Licensed Pension Fund Operators (LPFOs) towards adopting best practices in information security. By demonstrating its own commitment to data security, PenCom can set a high standard for the industry and contribute to the overall protection of pension data in Nigeria.