IndianOil R&D secures ISO 27001:2013 certification
New Delhi   28-Feb-2015

story1_a.jpg
Mr. B. P. Das, ED (I/c), R&D Centre, and Mr. Rajeev Chawla,
ED (IS), CO with the ISO 27001:2013 certificate for information
security management system.Also seen: Mr. R Suresh, ED (LT)
(extreme left) and Mr. S. Ravicharan, GM (IS),R&D Centre;
alongwith other officials of R&D Centre and CO-IS.

Adding another feather in its cap, IndianOil R&D has secured the coveted ISO 27001:2013 certification for Information Security Management System (ISMS) from STQC. Speaking at a function to commemorate the occasion, Mr. B. P. Das, ED (I/c), R&D Centre, congratulated the IS team of R&D Centre and said, “These initiatives are an attempt to integrate information security policies with business plans and follow international standards for information security. With this certification, the R&D Centre has ensured that their information security management system will effectively mitigate security threats and associated risks”, he added. Handing over the ISO certificate to Mr. Das in the presence of senior officials of R&D Centre and CO-IS, Mr. Rajeev Chawla, ED (IS), CO; said, IndianOil understands the value of IT investments. Realising the threat to our IT infrastructure, the IT departments have installed several controls to protect our information assets from external and internal attacks.

Adoption of ISO standards is an assurance to our employees, customers and other stakeholders that the Managements is sensitive to the information security risks and takes steps to mitigate them.

The ISO 27001:2013 certification is an independent third party testimony for diligently following the international best practices to ensure information security. The rigorous audit process was conducted in two stages and culminated with the SQTC team appreciating the efforts of IS team at R&D Centre and complimenting the management for displaying such commitment towards the cause of the certification. In the light of the formulation of the IT Act as well as the National Cyber Security Policy 2013, the importance of security certification as a legal and regulatory requirement has increased.