Home / Financial Services/ CDB gains ISO/IEC 27001:2013

CDB gains ISO/IEC 27001:2013

Comments / {{hitsCtrl.values.hits}} Views / Friday, 11 January 2019 00:00


CDB MD/CEO Mahesh Nanayakkara stands proudly with his team as he is presented the ISO/IEC 27001:2003 certification by Deputy General Manager – Operations (Academy) Noel Fernandes and Branch Manager (Sri Lanka) Wasantha Gunarathne of TUV SUD Lanka, making CDB completely compliant with information security best practices as per the standards certification granted by leading cyber security advisory firm Trustvault


  • Reiterates absolute protection from information security threats and vulnerabilities

Achieving yet another triumph, Citizens Development Business Finance PLC (CDB) gained one of the toughest ISO certifications applicable for the financial industry recently. CDB is now proudly certified with ISO/IEC 27001:2013, the information security standard that specifies a management system intended to bring information security under management control.

The accreditation was granted by TUV SUD Lanka Ltd., a subsidiary of TUV SUD South Asia, which is headquartered in Munich, Germany. It is one of the world’s leading technical services providers in testing and product certification, inspection, auditing and system certification, in addition to training and knowledge services.

Following the completion of a successful audit, the conferring of the certification denotes that CDB is completely compliant with all standards and directives contained within the standards certification, leaving no room for non-conformance as certified by the auditor.  

Very proud of his team’s achievement signalling another trailblazing triumph for the financial services industry, MD/CEO Mahesh Nanayakkara said: “This is yet another great achievement not just for CDB but for the entirety of the financial services industry because it reiterates the industry’s focus on conformance and absolute compliance, adding investor confidence into market dynamics.  For CDB, this is an added laurel because gaining this certification is a difficult and tough process, and in fact some banking entities are yet to attempt getting certified. My team must be commended on completing the process successfully and adding those elements of security into the way we work, which will assure privacy, confidentiality, accessibility and reliability of customer data.”

The implementation partner for the project engaged by CDB to implement information security best practices and certification requirements was leading cyber security advisory firm Trustvault Ltd. Engaging with CDB’s highly committed and driven IT team over several months to assess regulatory requirements with industry best practices, Trustvault established a practical information security governance framework that would be the axis upon which CDB’s information security will function.  The process is subject to annual audits which will also involve continuous improvement and analysis of current and emerging scenarios that must be factored into the framework. As Nanayakkara concludes: “With the increased use of IT in our daily lives, the financial services industry especially remains vulnerable to cyber security threats, which could be via disruption, modification, data destruction or even unauthorised access. Having pioneered some industry firsts in IT, we have also been very cognisant of these threats and vulnerabilities. While maximum information protection has always been in place at CDB, we also know that infusing global best practices will be instrumental in absolute protection of our customer data, which is why we ventured into ISO/IEC 27001:2003.  Our stakeholders are now reassured that their information will always be protected with best in class standards.”

Share This Article

Facebook Twitter


1. All comments will be moderated by the Daily FT Web Editor.

2. Comments that are abusive, obscene, incendiary, defamatory or irrelevant will not be published.

3. We may remove hyperlinks within comments.

4. Kindly use a genuine email ID and provide your name.

5. Spamming the comments section under different user names may result in being blacklisted.


Today's Columnists

“Sri Lanka’s future lies in producing exportable manufactured goods”: Dr. Howard Nicholas

Monday, 22 July 2019

Drawing lessons from Vietnam’s experiences The Sri Lanka-born economist attached to The Hague based Institute of Social Studies – Dr. Howard Nicholas – addressing a packed audience consisting of the alumni of the Postgraduate Institute of Manag

We should sell our water

Monday, 22 July 2019

When you read the title of this article, you will probably feel disgusted with me as selling our water has been a controversial topic since a long time ago. By the way, I am talking about virtual water trade and you would be surprised to know that we

A voice of compassion amid howls of zealotry

Monday, 22 July 2019

The unrestrained freedom extended by the current regime to a bunch of saffron-clad street vendors of Sinhala Buddhist zealotry is pushing Sri Lanka once again into a cauldron of ethnic and religious convulsion. The nationwide spread and virulence of

Roger Beteille: The man who reinvented the commercial airliner

Monday, 22 July 2019

The visionary engineer, pilot and manager who led Airbus to some its most significant decisions, passed away last month. Beteille, who was the head of French aircraft manufacturer Sud Aviation’s flight testing section, was made technical director

Columnists More