Date post: | 09-Mar-2018 |
Category: |
Documents |
Upload: | nguyenquynh |
View: | 216 times |
Download: | 0 times |
28th floor, The Gardens South Tower Mid Valley City, Lingkaran Syed Putra 59200 Kuala Lumpur, Malaysia Tel: +603 2298 7393 Fax: +603 2298 7333 e-‐mail: corp@le-‐global.com web: www.le-‐global.com
ISO 27001 Implementation and Certification Success Stories #1
Case Study: CIMB Group, Malaysia
CIMB Group is Malaysia's second largest financial services provider and one of Southeast Asia's leading universal banking groups. Formerly known as Bumiputra-‐Commerce Holdings Berhad, it has been listed on the Main Board of Bursa Malaysia, the nation's stock exchange since 1987. As at 30 September 2010, CIMB Group was the second largest company on Bursa Malaysia with a market capitalization of RM59.9 billion. CIMB Group is also the majority shareholder of Bank CIMB Niaga in Indonesia, and the single largest shareholder of CIMB Thai in Thailand. CIMB Group offers a full range of financial products and services, covering corporate and investment banking, consumer banking, treasury, insurance and asset management. We operate our business on a dual banking basis through three main brand entities -‐ CIMB Bank, CIMB Investment Bank and CIMB Islamic -‐ giving customers a choice of both conventional and Islamic solutions.
In September 2010, CIMB Group Information and Operations IT Division (CIMB GIOD IT) has selected LE Global Services Sdn Bhd out of a pool of local service providers as their ISO/IEC 27001:2005 Implementer and certification consultant for CIMB GIOD IT. The selection processes were thorough and comprehensive. Eventually, LE Global Services were selected based on our experience and reputation in the local and international IT security services arena. With the leadership of LE Global’s ISO 27001 Lead Auditors and Lead Implementers, CIMB GIOD IT was able to rapidly implement required ISO controls within a short amount of time. The efficiencies of implementation also greatly enhanced CIMB GIOD IT’s information security management systems (ISMS), as there were new controls being introduced, and existing controls being enhanced. The benefits of ISMS audit and implementation were obvious even during the process of ISO 27001 certification preparation, CIMB GIOD IT top management’s full support on the initiative has also proved to be another critical success
factor in obtaining the ISO 27001 certification at later stage. LE Global Services have recommended DQS as the ISO 27001 certification body for GIOD IT namely because of DQS’s solid background in the reign of ISO 27001 certification. DQS has certified some of the largest organizations in Europe and worldwide: Deutsche Bank Germany, T-‐Systems worldwide, Deutsche Telekom, Fujitsu Service GmbH, KPMG (Group Certification), Lufthansa Systems Infratec GmbH, Siemen AG etc.
28th floor, The Gardens South Tower Mid Valley City, Lingkaran Syed Putra 59200 Kuala Lumpur, Malaysia Tel: +603 2298 7393 Fax: +603 2298 7333 e-‐mail: corp@le-‐global.com web: www.le-‐global.com
Mr. Michael Drechsel, MD of DQS (left) handing over the ISO 27001 certificate to Mr. Iswaran Suppiah, Head of CIMB GOID IT
Figure 2 LE Global
+ GOID Team
Figure 1 DQS + CIMB GOID To
p Management
Figure 3 The fruit of hard work