Union Assurance, Sri Lanka’s longest-standing private Life Insurer, has achieved a landmark milestone by becoming the first Life Insurance Company to be certified under the ISO/IEC 27001:2022 standard, redefining information security benchmarks across the industry. The globally-recognised certification affirms the strength and maturity of Union Assurance’s Information Security Management System (ISMS), which safeguards the organisation’s most critical assets—including customer data, business intelligence, financial information, intellectual property and third-party records.
The ISO 27001:2022 standard introduces several key updates, including enhanced control areas such as threat intelligence, secure coding, cloud service governance, data masking and ICT continuity. These modern controls are instrumental in addressing today’s cyber risks and ensuring that information security is tightly woven into day-to-day operations.
In addition, as part of its ongoing commitment to data protection and privacy, Union Assurance is also implementing the ISO 27701 Privacy Information Management System (PIMS) to further enhance its governance over personally identifiable information and prepare for evolving regulatory landscapes.
“This certification is a testament to our strategic focus on governance, risk and compliance in a digital-first world,” said Senath Jayatilake, the Chief Executive Officer at Union Assurance. “As the first Life Insurer in the country to attain ISO 27001:2022, we are not just strengthening our internal systems; we are reinforcing the confidence our policyholders place in us every day. It reflects our unwavering commitment to trust, transparency and forward-thinking use of technology”.
“This achievement is not just about compliance. It is about transformation,” said Harsha Senanayake, the Chief Information Officer at Union Assurance. “We are embedding cybersecurity into the fabric of our digital operations–from secure software development to cloud governance. With ISO 27001:2022, we have created a strong foundation to protect our customers’ data while enabling innovation with confidence and speed”.
“At Bureau Veritas, we are dedicated to supporting organisations in their journey toward robust governance, risk management and compliance. Union Assurance’s successful certification demonstrates their proactive approach to safeguarding customer data and aligning with global best practices in cybersecurity. We commend their leadership and vision in setting a new benchmark for the Life Insurance industry in Sri Lanka”, said Shan Nanayakkara, Country General Manager of Bureau Veritas.
Union Assurance is a subsidiary of John Keells Holdings PLC (JKH), the largest conglomerate listed on the Colombo Stock Exchange, operating with over 80 companies in 7 diverse industry sectors. The Company has completed over three decades of success with a Market Capitalisation of Rs. 36.5 Bn and a Life Fund of Rs. 77.5 Bn as at end December 2024. Set to protect lives and enrich the well-being of all Sri Lankans, Union Assurance offers Life Insurance solutions that cover the health, investment, protection, retirement and education needs of Sri Lankans. With an island-wide branch network and a workforce that is over 4300 strong, Union Assurance continues to invest in people, products and processes with a customer-centric focus to be responsive to emerging changes in the Life Insurance industry.
The post Union Assurance Becomes First Life Insurer in Sri Lanka to Achieve ISO 27001:2022 Certification appeared first on Newswire.