The University of Embu achieves Certification to ISO 27001:2013 and Recertification to ISO 9001:2015
On 28th June 2018 the University of Embu became not only the first University but also the first Education Institutional in Kenya to attain ISO 27001:2013 Certification. ISO 27001:2013 is an internationally recognized standard for Information Security Management Systems (ISMS).
The certification and implementation of the Information Security Management Systems is hedged on 3 key areas; Confidentiality, Integrity, and Availability. These key areas will ensure that information is secure and complies with the highest standards of Information Security Management. The certification also reaffirms the University’s continuous effort in redefining its processes and ensuring security, accuracy and availability of information.
The landmark achievement is also coupled with the recertification to ISO 9001:2015 Quality Management Systems. The transition from ISO 9001:2008 to ISO 9001:2015 validates the University’s unrelenting adherence to best practices and processes.
“The journey to recertification ISO 9001:2015 was not a walk in the park. This is a major accomplishment for the University. I strongly believe transiting from ISO 9001:2008 QMS to ISO 9001:2015 and certification to ISMS based on 27001:2013 standards will transform the University of Embu and elevate its rank,” says Professor Daniel Mugendi, University Vice-Chancellor.
Professor Mugendi lauded the efforts of the steering committee for their unrelenting undertaking in accomplishing the impossible task. He singled out Professor Kotut, Quality and Information Security Management Representative for spearheading the project.
“It’s my belief that recertification to ISO 9001:2015 Quality Management System and certification to ISO 27001:2013 is an affirmation of the institution’s ability to consistently demonstrate its commitment to best practice, efficiency and sustainability, an indication that in the University of Embu, excellence comes first,” added Professor Kotut, the Deputy Vice-Chancellor Academic, Research and Extension (DVC-ARE) and Quality and Information Security Management Representative (QISMR). “Our guiding principle is Excellence in Service Delivery. It is our commitment to always strive to meet and exceed the expectations of our customers”.
The QISMR said that he believes that implementation of the two systems would streamline all the University’s processes. He was quick to recognize, that Dr. Kirema Nkanata, Director PC & ISO played a pivotal role in bringing the project to conclusion and spearheading the implementation of the standards.
“We are determined to continue implementing the Quality Management and Information Security Management Systems. Information security and quality service delivery are the top priority for the University of Embu,” said Dr. Kirema Nkanata, Director PC & ISO. “The attainment of these standards boosts the confidence of all our stakeholders that we are not only fully focused on quality standards but ensuring confidentiality, availability and integrity of information,” he added.
The development of risk registers, procedure manuals, policies and guidelines of the University processes will not only ensure consistency in service delivery but also compliance to statutory and legal requirements. It will also prevent leakages of information, boost customer confidence and aid in decision making.
The achievement comes after the University went through an eight steps comprehensive process guided by Maier Consulting Limited from May 2017 to June 2018.