Philippine National Bank (PNB) Achieves ISO 27001:2022 Certification, Elevating Information Security Practices

Awarding of ISO 27001:2022 Certification at PNB Financial Center, Filipiniana Room. From left to right: Michael Joseph S. Pangan, Administration Group Head; Roderick R. Soriano, Corporate Security Group Head & Chief Security Officer; Reynaldo Burgos, Operations Group Head, PNB President Florido “Doy” Casuela; Ava Taniajura, Managing Director of BSI; Roland V. Oscuro, Chief Information Security Officer & Data Protection Officer; Cecille D. Regalario, IT/IS, Project Risk Management & Governance Division Head; Juliet S. Dytoc, Enterprise Risk Management Group Head & Chief Risk Officer; Michael Morallos, Information Technology Group Head; Melissa Gabor, OIC, Global Compliance Group; Lotus R. Altavas, Human Resource Group Head; Analisa I. San Pedro, Internal Audit Group Head & Chief Audit Executive.

Philippine National Bank (PSE: PNB) has recently been conferred the ISO/IEC 27001:2022 certification by the British Standards Institution (BSI). The ISO/IEC 27001 standard is internationally recognized for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The certification for the upgraded ISO 27001 is proof of PNB’s unwavering commitment to safeguard sensitive information and enhance cybersecurity measures. This significant achievement was accepted and led by PNB President Florido “Doy” Casuela and the Office of the Chief Information Security Officer (CISO) and Data Protection Officer (DPO) of the Enterprise Risk Management Group.

FSVP Roland V. Oscuro, PNB’s CISO and DPO, underscores the relevance of the milestone. “We are thrilled to achieve the ISO certification which validates our efforts and affirms that our processes are on par with the highest standards of information security,” he said. “As we continue to offer better digital banking services to our customers, we also ensure a safe and secure digital environment to protect their personal data and transactions.”

“This certification is a product of the hard work and commitment of our people across various groups in PNB,” said FVP Juliet S. Dytoc, Chief Risk Officer and Head of the Enterprise Risk Management Group. “We thank PNB Management and the Board for the utmost support given to the ISO certification working team. This achievement further inspires us to continue pursuing initiatives to strengthen our information security.”

The ISO 27001:2022 certification follows a rigorous assessment process conducted by BSI, covering the bank’s information security policies, risk management framework, and operational controls. PNB aims to continuously build a security-centric culture and enhance its security measures to address emerging threats, aligning with global best practices to ensure a trustworthy banking experience for its customers. This ISO recognition highlights PNB’s proactive approach to prioritizing stakeholder protection while adhering to the optimal criteria of information security management.