The Federal Inland Revenue Service (FIRS) has achieved another remarkable milestone by transitioning from the ISO 27001:2013 standard to the latest ISO 27001:2022 standard, earning recertification. This accomplishment underscores FIRS’s commitment to institutionalizing and enhancing information security best practices, particularly for the Automatic Exchange of Information (AEOI) among OECD partners.
The journey to implementing an Information Security Management System (ISMS) and achieving ISO 27001:2022 certification began in 2019 with the engagement of Messrs iCentra Consulting Ltd as the Implementing Consultants. A thorough gap assessment was conducted to identify the current state of the organization’s ISMS practice in line with the ISO 27001 standard. Subsequently, the implementation was carried out to close all identified gaps and prepare FIRS for certification audit by the British Standards Institute (BSI).
The collaborative efforts paid off, FIRS achieved ISO 27001:2013 certification in July 2021 following a successful audit. The official certification presentation was a significant milestone for the Federal Inland Revenue Service. The British Standards Institute (BSI) conducted yearly Continuity Assessment Visits (Surveillance Audits) in 2022 and 2023, both of which FIRS passed successfully without any nonconformities, which further demonstrates FIRS excellence in its security practices.
FIRS has shown remarkable growth and maturity in its information security management. The ISMS team at FIRS has built substantial capacity and is now driving the initiative, embedding it into the organization’s culture. The service has also invested in building the capacity of its staff by training and certifying over 150 employees in roles relevant to the ISO 27001 standard, thereby empowering the ISMS team to take charge of the information security processes as process owners. This transformation has strengthened their security posture and fostered a culture of continuous improvement and vigilance.
In May 2024, FIRS underwent the rigorous process of re-certification and transition to ISO 27001:2022, again succeeding with no non-conformities. These achievements highlight FIRS’s dedication to institutionalizing information security as a core aspect of its operations and embracing best practices in the field.
iCentra is privileged and grateful that the management of FIRS trusted us as a worthy partner since 2019 to accompany them on this transformative path. We are excited to continue this journey with FIRS as they mature, become self-sufficient, and embed a culture of information security within their organization.
The dedication, commitment, and continuous support of top management have been instrumental in ensuring the successful audit and fostering information security best practices within the service. We are incredibly proud of the achievements, hard work, diligence, focus, and commitment of the entire ISMS team. The Service could not have achieved the transition and recertification without the efficiency demonstrated by this exceptional team.
As we continue to support FIRS post-transition, we are confident that this new milestone will further strengthen their information security management systems. We extend our gratitude to the Federal Inland Revenue Service management for their unwavering commitment, dedication, and support, which have ensured the seamless incorporation of the information security culture at FIRS.
Stay tuned for more updates as FIRS continues to set a benchmark in information security and compliance.