Qatar Fuel Additives Company Limited (Qafac) has received ISO/IEC 27001, the standard for Information Security. The certificate was issued after several external assessments.
To achieve this certification, a company must show a continuous, structured commitment towards managing sensitive company and customer information. The certification demonstrates that the security of QAFAC project is in line with world-class standards and meets the needs of the company’s customers.
The ISO certification is a testament to QAFAC focus in adopting and implementing global standards and best practices to ensure effectiveness, efficiency, confidentiality and integrity in its day to day operations. It is one of the many certifications that the company plans to acquire in the days to come.
By obtaining certification in ISO 27001, QAFAC has once again demonstrated its credibility and proved that it is working according to recognized best practices. With this, QAFAC can now work with its global partners in a common language, lowering cross-cultural barriers, increasing trust and a positive return on investment and a better tomorrow.
Published in 2005, the ISO 27001:2005 standard provides a robust model for information security risk assessment and security design, implementation, and management. With its comprehensive approach, the standard helps ensure the adoption of appropriate security controls that protect the information of customers and other stakeholders.
Commending QAFAC effort in getting the ISO certification, Mr. Rashid Al Muhannadi said, “I am delighted to be here to help mark the occasion of the British Standards Institution awarding QAFAC Company with ISO Certification for Information Security. UK supports Qatar’s ambitious and exciting plans and we look forward to broadening and strengthening our relationship and ongoing partnerships with QAFAC Company.”
For his part, Mr. Omar Rashid Country Manager of British Standards Institution (BSI) said, “On Behalf of the Board of Directors, the Chairman and the Regional Managing Director of the British Standards Institution Mr. Theuns Kotze, I would like to say congratulations to QAFAC Company on achieving ISO 27001:2005 certification. We believe Standards are the DNA of Civilization – Without our ability to design and accept Standards we could never have developed into such a complex society. Standards drive learning… Standards make comparison possible… Standards Fuel Creativity… Standards are the code in which human collaboration and discovery is written. Your achievement will make a positive difference in developing the objectives of QAFAC Company”.
ISO 27001 requires that management: Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities, and impacts; Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; and Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis.