GST Suvidha Provider, Vayana Network receives ISO Certification for Highest Information Security
Mumbai. June 21, 2017. Pune based GST Suvidha Provider, Vayana received an ISO Certification for its information systems security. ISO/IEC 27001:2013 (ISO 27001) is the international standards that describes best practice for an information security management system and keep information assets secure. With a high level of attention given to security in information systems, GSTN has made it mandatory for all GST Suvidha Providers to have their system’s security certified through competent bodies such as ISO. Vayana is one of the 34 GST Suvidha Providers (GSPs) appointed by GSTN.
GSPs need to manage the security of assets such as financial information, intellectual property, employee details or information entrusted to them by third parties.
Briefing about the certification, Raghuram Ramakrishnan, Executive Vice President – Product, Operations and International Business, Vayana Network, said, “Vayana Network’s ISO 27001:2013 certification is a reflection of our commitment to comply with all legal, regulatory, contractual obligations to protect business sensitive and operational information maintained by the GSP. Vayana Network has been compliant to PCI-DSS (Payments Card Industry) standard for over 3 years and has a robust understanding of policies, processes, controls and risk-mitigants to be implemented to ensure highest standards for information security management. Being one of the first few GSPs to have completed the ISO 27001:2013 certification, it reflects our system readiness as well.”
With nearly 80 crore bills estimated to be processed every month, such controls are necessary as information is one of the most valuable assets in GST ecosystem where all taxpayers’ financial data and taxation data is being shared with GSTN.
ISO standards would help with any size of businesses – micro, small, medium or large – in terms of providing them information security. Typically, large companies in the telecom, manufacturing, banking/financial services, health, government industry, etc are highly dependent on measuring processes and service levels. Large companies would be comparatively keener since they need to manage huge amounts of data and would be more interested in a GSP which is ISO certified.
