KTC Celebrates 4 Consecutive Years of Information Security Management System and Privacy Information Management System Certifications.

Mr. Rathian Srimongkol,(center right),President and Chief Executive Officer of “KTC” orKrungthai Card Public Company Limitedtogether with representatives of all business units recently received two certificates of ISO/IEC 27001: 2013 for information security management system and ISO/IEC 27701: 2019 for privacy information management system.  KTC is the first and only financial service provider in Thailand that extended the ISO standards for the entire organization including the Data Center and each process from upstream to downstream of core businesses; e.g. credit cards, personal loans, and payments.  The successive certifications promote confidence and prove that KTC has focused on efficient management systems to protect and reduce the risk of breach of privacy information for our customers and all stakeholders.Mr. Bookalakorn Jaidee, (center left),Sales and Marketing Manager of BSI Group (Thailand) Co., Ltd., The British Standards Institution, honorably handed over the certificates at KTC, UBC II Building.

---------------------------------------------------

Note to Editors

ISO/IEC 27001: 2013 and ISO/IEC 27701: 2019are issued by The British Standards Institution-BSI by accessing and checking KTC’s procedures to reach the international standards and certify that KTC has managed and protected the privacy information of the company, stakeholders, customers for the confidentiality, integrity, and availability with the efficient Information Security Management System: ISMS and Privacy Information Management System: PIMS.

ISO/IEC 27001: 2013is an international standard for information security management system for an organization to apply the requirements to execute risk assessment, security design, and implementation, including information security management in both digital and document formats.  It is the international standard that certifies that the organization has taken the necessary steps to work in line with laws, regulations, rules, terms, and conditions related to sensitive information.

ISO/IEC 27701: 2019 is a standard that is an extension of privacy protection from ISO/IEC 27001: 2013 and ISO / IEC 27002 to enable organizations to effectively manage their Personal Information (Privacy Information Management System (PIMS) and apply to be in line with the Personal Data Protection Act 2019.  This standard strengthens the existing information security management system and reduces the risk of breach of privacy for both employees and corporate customers.