Announcement and Certification Scope: Riyad Bank has been awarded the ISO/IEC 27001:2013 standard certification for its Riyad Online Services covering Riyad Online, Riyad Mobile and Riyad Tablet. The certification is awarded by the internationally recognized British Standards Institution (BSI) as a result of demonstrating successful implementation of information security controls and enforcing a robust Information Security Management System.
Strength: The certification strengthens Riyad Bank’s security posture and ensures:
Implementation of an enterprise wide program with top management commitment to ensure all information security controls meet the organization’s information security needs, regulatory body requirements and customer information assurance
Evaluation of all information security risks to Riyad Online Services including various threats, vulnerabilities and impacts
Designing and implementing a comprehensive and effective set of information security controls spread across processes, people and technology
Continuously ensure that the Information Security Controls meet security standards on an ongoing basis