Oct 2, 2025 | 5:17 am UTC

BOI scales up data protection, bags ISO 27701 certification

By Favour Okpale | 2 min read | Businessday | 2 days ago | 745 views
BOI scales up data protection, bags ISO 27701 certification



The Bank of Industry (BOI) has attained a significant milestone in its data privacy and information security journey, earning the ISO/IEC 27701:2019 certification for Privacy Information Management Systems (PIMS).

The certification, awarded by the British Standards Institution (BSI)—a globally recognised authority in standards auditing and certification—builds upon the Bank’s existing ISO/IEC 27001:2022 certification, which it first secured in 2019.

As the leading international privacy standard, ISO/IEC 27701:2019 provides a framework for managing personally identifiable information (PII) and aligns with global data protection regimes such as the General Data Protection Regulation (GDPR), Nigeria Data Protection Regulation (NDPR), and other internationally accepted privacy laws.

BOI’s successful certification demonstrates the institution’s ability to implement a robust, structured system for handling sensitive data related to customers, employees, and third parties.

The framework enforces stringent privacy controls, embeds privacy protocols into information security operations, and clearly defines the roles and responsibilities necessary for effective data protection.

BOI now holds the distinction of being the first Development Finance Institution (DFI) and the second bank in Nigeria to be awarded this privacy-focused certification.

The achievement reinforces the Bank’s commitment to international best practices in data governance, further strengthening its reputation as a secure and trustworthy financial institution in Nigeria’s development finance landscape.

Commenting on the development, Olasupo Olusi, managing director and chief executive officer of BOI, said: “This certification represents a proactive commitment to privacy management. It reinforces trust in our ability to protect the data of customers, partners, and stakeholders while meeting the highest international standards.”

The certification covers the entire lifecycle of Personally Identifiable Information, from data collection and storage to processing, sharing, and secure disposal.

It recognises BOI’s dual role as both a PII Controller and Processor, affirming that the Bank has implemented comprehensive privacy controls across its physical and digital infrastructure.

With the increasing importance of data protection in the digital economy, BOI’s achievement reflects a strategic move to align its internal systems with evolving regulatory and compliance expectations.

The bank’s ability to meet the rigorous criteria set by BSI also demonstrates its operational resilience and forward-looking approach to risk and privacy management.

The recognition further enhances its institutional credibility, positioning it as a leader in privacy information management within Nigeria’s banking and development finance ecosystem.



Source: Businessday

Leave a Reply

Your email address will not be published. Required fields are marked *

More News to Read