Dubai, 3rd March 2010 (WAM): Dubai Electricity and Water Authority (DEWA) announced yesterday that it has attained the prestigious International Organization for Standardization (ISO) 27001 certification, thus assuring customers that their information residing with DEWA is completely protected and safe.
The ISO 27001 standard means that DEWA has achieved the highest recognisable level of data security management currently achievable. It contracted the services of IT security specialist firm Paramount as consultant and the project took less than 3 months to be complete and ready for certification, which was shorter than the intended time frame. Speaking at the formal handover of the certification, H.E. Mr. Saeed Mohammed Al Tayer, CEO of DEWA, said, "We are very pleased and proud to have crossed this milestone and be honoured with this certification. Our IT Division manages DEWAs entire IT Services, Systems and Infrastructure which caters to the business needs of DEWA using high end technology. We decided it was imperative to focus on implementing prudent information security measures by attaining an acceptable level of risk to information assets, engrain a security culture within the company and incorporate information security best practices in compliance with ISO 27001 standards. We decided to get certified in order to increase trust of customers and partners, thereby increasing the usage of our IT services which would also ensure a continuous improvement in our security posture. I would like to wholeheartedly thank and congratulate the highly competent Paramount team for providing excellent support with their professional approach and commitment, which was key in DEWA obtaining ISO 27001 certification". He added: "This ISO 27001 certification is one of many recognitions obtained by DEWA since its formation in 1992. The institution has been awarded with international acclaimed certifications like ISO 9001, EMS 14001, OHSAS 18000, Social Accountability (SA-8000), British Safety Council Five Star Award, Sword of Honour and Hall of Fame besides others. "From his side Mr. Marwan bin Haider, Deputy Chairman of IT in DEWA, said: "We have implemented an Information Security Management Programme based on the ISO/IEC 27001:2005 Standard. The Information Security Management System (ISMS) consists of structured and well defined policies, procedures and guidelines for the management of risk through prudent business practices, and the use of appropriate security mechanism. Paramount Computer Systems was selected as consultants after a comprehensive tender process and evaluation of bidders as per DEWA policy. With a strong team of consultants with good technical, audit, management skills and certifications, a broad portfolio of prestigious clients across Dubai, Abu Dhabi and other GCC countries and over six years of experience in IT security consulting and professional services, Paramount is recognized as the regions leading IT security specialist organization. Once the ISMS was established by the Information Technology Division of DEWA with assistance from Paramount, DEWA invited one of the leading certification bodies, Lloyds Register Quality Assurance Limited (LRQA) for the final certification audit in December 2009. After an elaborate audit process, LRQA recommended DEWA for ISO 27001:2005 certification. The International Organization for Standardization (ISO) develops and publishes standards that establish best practices across a variety of industries. Globally recognized, the ISO 27001 is the only auditable international industry standard that defines the requirements for an Information Security Management System (ISMS) and certifies that it is on par with global standards. It provides added credibility as it is certified by an independent third-party, and lends confidence to the organisation's management, customers, auditors and affiliates in terms of the importance and care given to security matters."Copyright Emirates News Agency (WAM) 2010.
