Global InfoSwift’s role in FirstBank’s foreign certifications

olabisiFirstBank of Nigeria plc, which was recently named Nigeria’s number one banking brand by a London-based company, has shown that in some cases age is strength and the older it grows, the more useful it becomes. Established in 1895, the bank is constantly re-inventing itself and the processes in its continuous efforts to satisfy customers.

Through its transformation project, which began in 1996, the bank has successfully revolutionised its operations, strengthened its brand equity, enhanced customer satisfaction, and established itself as a dependably dynamic global brand.

Last week, the British Standards Institution (BSI), a leading organisation in the field of auditing management systems and processes, awarded the bank BS25999 Business Continuity Management System certification, enhanced certification for the ISO 27001 and the ISO38500 IT Governance certification.

While the BS25999 Business Continuity Management certification is a clear demonstration of the highest level of evidence that the bank’s activities and services will not be disrupted or impaired as a result of man-made or natural disasters, the certification for ISO27001 is an enhanced version of the Information Security Management System earlier awarded the bank in September 2010.

The third certification, ISO38500 IT Governance Certification, provides guiding principles for the bank on the effective, efficient and acceptable use of Information Technology within it.

Bisi Onasanya, FirstBank’s group managing director, said, while receiving the awards in Lagos that “the certification signposts the bank’s leadership position in the industry by being the first Nigerian company to receive all three certifications.

“These certifications are affirmations that our bank has adopted and complied with the highest known management standards in information security, IT governance and business continuity in the world.”

Behind these awards is Global InfoSwift, an independent Nigerian IT service provider that helped and prepared the bank for the certification. The managing director of Global InfoSwift, Solomon Edun told BusinessDay that his company worked hand-in-hand with the bank officials in the last two years to ensure that the bank was compliant with the standards. When BSI, which is a neutral body, finally came to audit, it realised that the bank has met all the requirements.

For instance, under ISO 27001, there are 133 controls and FirstBank has complied with this. According to Edun, it has become pertinent today, especially in the face of cash-lite economy that some of these standards are met to guarantee confidentiality, integrity and availability of the data of customers that are in banks’ custody. The certification is not just the certificate that organisations put on the wall, it is to give stakeholders the confidence that no matter what happens to the organisation, there is a plan B. There is a contingency plan to continue the business instead of closing down.

The IT solution consultant also looked at succession plan and personnel as part of business continuity initiative. For instance, no more will you see in FirstBank whole management staff travelling on the same flight. Now, they are aware and going forward, they will avoid it. With help of the IT solution consultant, the bank has developed an in-house capacity on business continuity, who audits the company before BSI comes as part of its strategy to sustain the certification.

Edun said a lot of people think that business continuity was ITDRS (Disaster Recovery System), but “business continuity covers the HR, IT, the supply chain and the employee.” Each certificate is valued for three years and it is renewable. By this teamwork with the bank’s staff, Edun said Global InfoSwift was contributing its quota to making the financial industry stronger in line with the CBN’s plans that Nigeria’s financial industry must be guided by certain standards