Managing Director and Chief Executive Officer of Digital Jewels Limited, Mrs. Adedoyin Odunfa, has revealed that only 65 out of 7,207 registered Nigerian companies, including banks, have achieved the global best practice standard certification status as at February this year.
The number of companies with global best practice for IT standard certification status is low, according to information on the website of the Corporate Affairs Commission (CAC).
The CAC however revealed that among the 7,207 registered companies in Nigeria, 512 are from the communications sector, 1,163 are from computer and information technology sector, while 2,163 are from the financial services sector.
The abysmal low number of 65 Nigerian companies with global best practice IT standard certification, raises security concerns because of the online services that several companies offer to organisations whose data may be at risk if they do not have the standard IT certification to protect data from vulnerability.
In recent times, there have been cases where online hackers take undue advantage of weak patches on the website of most organisations to gain unauthorised entry, leading to data corruption and in most cases, loss of money.
Odunfa who delivered a paper on 'Industry Status Report' at a technology forum held in Lagos recently, said the global best practice standard certification status for Nigeria as at February this year, shows that 23 companies were certified with Payment Card Industry Data Security Standard (PCIDSS), while five others were in progress. For Information Security Management System (ISO 27001), 20 companies were certified, with another 15 in progress. For Business Continuity Management System (ISO 22301), four companies were certified and another three were in progress.
Five companies were certified with IT Service Management (ISO 20000), while two were in the process. For IT Infrastructure Library (ITIL), two companies had evidence of full implementation while one was in the process. No company has evidence of full implementation of Control Objectives for Information and Related Technology (COBIT 5), but two are in the process.
She revealed that in the banking sector, specifically for ISO 27001 certification, only nine were certified while another five were in progress, while for ISO 22301, only two were certified and four in progress. For ISO 20000 certification, only one bank was certified and two were in progress, while for ITIL standard, one bank has full implementation and another one in progress. No bank has fully implemented the COBIT 5 standard certification, even though one of the banks is in the process of doing so, Odunfa said.
Digital Jewels Limited is itself certified to the ISO 27001 standard and also a Qualified Security Assessor (QSA) for the Payment Card industry Data Security Standard, making it the first African firm to be accredited for QSA.
The Information Value Chain (IVC) technology forum where Odunfa spoke is a quarterly gathering of Information and Communications Technology (ICT) professionals. It provides a platform for knowledge sharing, information exchange and networking for executives as they climb the corporate ladder. The interactive forum helps executives to keep abreast of pertinent trends on increasingly important issues which can affect their individual and corporate competitiveness.