ASHOK Leyland Ltd has received the BS7799 certification for its information security management system.
Dr S.L. Sarnot, Director-General, Standardisation Testing and Quality Certification (STQC) Directorate, handed over the certificate to Mr R. Seshasayee, Managing Director, Ashok Leyland.
The company's data centre at Ennore (its system headquarters) has received the certification. Ashok Leyland plans to expand the scope of the certification to other locations over the next two to three years.
According to Mr N. Mohanakrishnan, Special Director - Information Technology and Knowledge Management, Ashok Leyland, the certification recognises the company's defined security policy, risk assessment and treatment plan, selection of controls for identified risks and audit. He said information was segregated and classified and access provided based on the classification.
BS7799, according to the company, is a standard specified for Information Security Management System, which allows senior management to monitor and control information security, minimise business risk and ensure that security continues to fulfil corporate, customer and legal requirements. Ashok Leyland achieved the certification with guidance from STQC, which was also the certifying agency.
STQC is a globally recognised certifying authority under the Union Ministry of Information Technology.
Mr Seshasayee said obtaining the certification was part of the company's business strategy as it was clear that information was going to a business differentiator. Ashok Leyland had undertaken a massive exercise to understand its customers and their business drivers to design products and services to suit their needs. Information and managing it played a big role in this process. Security of information, Mr Seshasayee said, is important to a lot of business partners. The fact that Ashok Leyland has a certification for its Information Security Management System will give the business partner the confidence that its drawings will be secure with the company.
|
