Gulf Air, the national carrier of Bahrain, has been awarded the ISO certification for its information security management system.

Following an independent audit of the airline’s information security management systems by RINA, the international ISO certification body, the prestigious ISO/IEC 27001:2005 certification was awarded to Gulf Air.

The certification includes the airline’s information technology processes and people including information governance, business support, IT infrastructure and information security.

“We have demonstrated once again our pioneering and innovative tradition at Gulf Air for which we are known for,” said Gulf Air acting chief executive officer Maher Salman Al Musallam.

“The ISO certification is further proof of Gulf Air's commitment to providing a secure and safe business technology environment to our customers especially as we launch our new restructuring strategy that will ensure Gulf Air continues to be the most family and business friendly airline.”

Dr Jassim Haji, Gulf Air director of IT, said: “The certification recognizes and certifies the quality standards benchmarks at Gulf Air for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the organization's overall business risks and improvements.”

“Gulf Air is constantly focused on how to improve the security, performance and availability of its customer and business services; attaining the ISO certification is a significant milestone and validation of those efforts.”

Andrea Di Bella, RINA Group Middle East Area manager said: “Companies today, regardless of size, need to continuously develop an efficient management system tailored to the business processes, and to use it systematically to achieve competitive advantage.”

“The implementation and certification of an internationally recognised management system is a proof of this. We are glad to have been involved in the certification process and supported their efforts in gaining this certification.”

The ISO/IEC 27001:2005 is a global security standard that sets requirements and best practices for managing an organisation's information assets. It prescribes a risk-based approach to identify, manage, and reduce the range of threats to which information is regularly subjected. – TradeArabia News Service