Bahrain's national carrier Gulf Air has begun the new year with a major achievement by earning the prestigious ISO certification for its information security management system (ISMS). By winning this global recognition, the airline has proved once again its pioneering and innovative tradition by becoming one of the select few airlines in the region. Following an independent audit of the airline's information security management systems by RINA - the international ISO certification body - the prestigious ISO/IEC 27001:2005 certification was awarded to Gulf Air. The certification includes the airline's information technology processes and people including information governance, business support, IT infrastructure and information security. Receiving the certificate at the airline headquarters, Gulf Air acting Chief Executive Officer Maher Salman Al Musallam said “we have demonstrated once again our pioneering and innovative tradition at Gulf Air for which we are known for. The ISO certification is further proof of Gulf Air's commitment to providing a secure and safe business technology environment to our customers especially as we launch our new restructuring strategy that will ensure Gulf Air continues to be the most family and business friendly airline. I congratulate our IT team for meeting and setting global standards that has been officially recognized through this ISO certification.” Dr Jassim Haji, Gulf Air Director of Information Technology, said “the certification recognizes and certifies the quality standards benchmarks at Gulf Air for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the organization's overall business risks and improvements.” “Gulf Air is constantly focused on how to improve the security, performance and availability of its customer and business services; attaining the ISO certification is a significant milestone and validation of those efforts.” Andrea Di Bella, RINA Group Middle East Area Manager, said “companies today, regardless of size, need to continuously develop an efficient management system tailored to the business processes, and to use it systematically to achieve competitive advantage. The implementation and certification of an internationally recognized management system is a proof of this. We are glad to have been involved in the certification process and supported their efforts in gaining this certification.” The ISO/IEC 27001:2005 is a global security standard that sets requirements and best practices for managing an organization's information assets. It prescribes a risk-based approach to identify, manage, and reduce the range of threats to which information is regularly subjected. — SG