Co-operative Bank of Kenya announced it has transitioned to the ISO/IEC 27001:2022 standard, the most recent global benchmark for information security management. It was awarded by the business standards company BSI.
The certification follows a thorough external audit that examined the bank’s security measures, including physical security, access controls, risk management, and business continuity planning. The updated standard helps the bank manage modern cyber threats and ensures the confidentiality, integrity, and availability of sensitive data.
Co-operative Bank was a pioneer in East Africa, becoming the first bank in the region to achieve the original ISO/IEC 27001 certification in 2014. According to Charles Washika, the bank’s Director of ICT & Innovations, this new certification marks the culmination of a decade of continuous investment in cybersecurity.
“Over the past decade… we’ve scaled up our investments by acquiring cutting-edge security tools, hiring qualified cybersecurity experts, and implementing new systems to address all 93 ISO/IEC 27001 controls,” Washika stated. “This sustained commitment ensures our customers benefit from the most advanced security infrastructure in the region.”
The bank’s enhanced Information Security Management System minimizes the risk of data breaches, directly benefiting customers by ensuring their personal and financial information is processed using internationally recognized security measures.
This milestone aligns with Kenya’s broader goals for a digitized financial sector and strengthens the bank’s compliance with Central Bank of Kenya (CBK) regulations. The certification reinforces Co-operative Bank’s position as a leader in regional banking and supports its strategy to expand across East Africa.
Ilias Karampoikis, Sales and Commercial Director for BSI, noted that achieving this certification shows that Co-operative Bank has taken the necessary steps to protect itself against cyber threats. “This focus on achieving digital trust is crucial in a world of technological transformation,” he said.
The ISO/IEC 27001:2022 update introduces 11 new security controls to address modern challenges like cloud security, threat intelligence, and secure coding practices. By meeting these rigorous standards, Co-operative Bank demonstrates its long-term dedication to safeguarding customer information and supporting the growth of Kenya’s digital economy.