Flour Mills of Nigeria Becomes First Indigenous Firm to Get ISO 27001 Certification

Femi Ashekun/

Flour Mills of Nigeria PLC, a leader in the Fast-moving consumer goods (FMCG) has passed the PECB ISO 27001certification audit for its Information Technology (IT) and cybersecurity framework and policies.

This certification has placed Flour Mills of Nigeria PLC as the foremost Nigerian firm in the FMCG sector to be presented with such a certification.

ISO 27001(Information Security Management System) is the most recognised international standards for information security management for any organisation globally. It provides clear processes for effective implementation and continuous mitigation to data/security breach for any organisation.

This certification has therefore placed Flour Mills of Nigeria PLC as an organisation that is in line with the global best practices when it has to do with cybersecurity and data breach.

The PECB ISO 27001 Certification was facilitated by Nigeria’s cybersecurity firms, Kecam Technologies Limited and DataSixth CyberSecurity Limited. These firms in line with an international recognised audit firm conducted series of interviews, ensured that the right implementation was in place and also guided the organisation to achieve the PECB ISO/27001 certification.

On the importance of the certification to Flour Mills of Nigeria PLC, Omoboyede Olusanya, Group Managing Director/CEO said, “We appreciate this certificate and the credit should go to the team that ensured that this happened. This is a document that shows that we have done something and we are very particular in the areas of cybersecurity. We are desirous to build a world-class organisation. It is a process and it is an engrained process, there is a continuous stride that we have here. We will keep improving.”

Speaking to the media, Serge Yao, the Group Head of Information Technology (IT), Flour Mills of Nigeria PLC said, “This certification brings reassurance to business’s cybersecurity posture. It proves that we have well-defined system to handle cyber-attacks and cybersecurity. This certification testifies that FMN take seriously the confidentiality of information asset and IT risks are controlled. (Financial loss and damage to reputation are mitigated).

“We started our cybersecurity program 14 months ago; the whole organisation was engaged, and I want to thank FMN leadership team for the continuous support. It has been a transformational journey for all our employees toward cybersecurity; weak areas were exposed and rectified. Globally targets for cyber-attacks have shifted toward manufacturing firms; so, we must mitigate IT risks and potential damage. We are the first indigenous FMCG to be certified and many more will follow for sure. This is a beginning, and we will continue to follow the best practices and ensure that we have our recertification next year. “

On the importance of certification, Bonny Mekwunye, the Chief Executive Officer of Kecam Technologies Limited, an indigenous Cybersecurity company in Nigeria said, “About 10.5 trillion dollars will be the cost of cybercrime by the year 2025, what does this mean, it is basically that many organisations will be exposed to cyber-attack, it is important that organisations must start thinking how to build their cyber security framework such as people, processes and technology.

“This is where ISO certification comes in. This is a globally recognised body that is designed for organisations that are desirous and serious to look into their cyber security processes. Flour Mills Nigeria PLC has seen the relevance to protect their digital infrastructure and we were invited to provide a consulting service with our other partner which is DataSixth CyberSecurity Limited. This certification means that they are globally recognised in the area of data security just like other big firms in the world.“

The country manager of DataSixth CyberSecurity Limited, Happiness Obioha said, “This certification is all about data security for the organisation and the need to have a round the clock continuous protection. This is a bold step for Flour Mills of Nigeria PLC. There is cyber resilience and they are sure that their critical infrastructure is protected. This certification demonstrates that the organisation is equal to task in the area of cybersecurity and it shows that they are digitally inclined. This certification will build a lot of moral, trust and confidence for the organisation and their stakeholders.”

The ISO 27001 is a globally acceptable certification for organisations that are desirous of strengthening the IT and cybersecurity frameworks. It uses a top down, risk-based approach and most time it is technology-neutral. The approach mostly is in six phases such as the organisation’s security policy, the scope of their Information Security Management System, risk assessment, how they manage identified risks, how objectives and controls are implemented and statement of applicability.

0