The Office of the Auditor-General was on Thursday issued with the ISO/IEC 27001:2022 Information Security Management System (ISMS) certification from the Kenya Bureau of Standards (KEBS).
During the ceremony to present the certification to Auditor General Nancy Gathungu, KEBS Managing Director Esther Ngari highlighted that the standard provides a crucial framework for safeguarding sensitive information.
Ngari stated that the achievement results from enhancing operational excellence, ensuring that financial statements and audit records are credible, secure, and readily accessible when needed.
“On behalf of the Kenya Bureau of Standards, its Management, Certification Body, and the entire staff, I extend our heartfelt congratulations to you for this outstanding achievement. It is a true reflection of your commitment to excellence, transparency, and accountability in public service,” said Ngari.
The KEBS Managing Director specifically commended the Office of the Auditor-General for the award, noting its critical role in the nation’s democratic framework. She asserted that the new certification indicates that the Office of the Auditor-General is not only meeting but exceeding international benchmarks in securing information assets, aligning its operations with global standards of public sector governance in the digital age.
“The Office of the Auditor-General is entrusted with the immense responsibility of independently auditing and reporting on the management of public resources at both national and county levels. Such a mandate calls not only for institutional integrity but also for robust safeguards around the confidentiality, availability, and integrity of information,” she said.
According to Ngari, the certification directly supports the Office of the Auditor-General in adopting secure, technology-driven systems that will enhance operational efficiency.
In a world where data has become a vital national asset and cyber threats are increasing in complexity and scale, the KEBS MD believes that the ISMS certification confirms the office’s preparedness to tackle current risks and lead in upholding national security, institutional credibility, and public confidence.
“Every day, institutions like this handle substantial volumes of confidential data. Any breach of that information could have far-reaching implications not only for the institution but also for public trust and national stability. By attaining this globally recognised certification, this office has demonstrated its commitment to safeguarding sensitive data, protecting its stakeholders, and affirming its place as a leading audit institution not only in Africa but worldwide,” she explained.
Ngari added that KEBS will continue to assist institutions like the Office of the Auditor-General through activities such as annual surveillance audits and technical support, as well as helping to identify opportunities for continual improvement to ensure they remain at the forefront of excellence in public sector auditing and information security.
She emphasized that KEBS operates under globally recognized standards, citing its accreditation by the Dutch Accreditation Council (RVA) as a testament to the agency’s integrity, competence, and alignment with international conformity assessment protocols.
“This global accreditation ensures that certificates issued by KEBS are recognized not only regionally but also globally — enhancing Kenya’s competitiveness, supporting international trade, and reinforcing our role in the global quality infrastructure,” she said.
