The Thailand Office of Insurance Commission announced that it has obtained two international ISO certifications for information security and personal data protection, covering its core IT operations including the Insurance Bureau System for life and non-life policyholder data. The certifications are ISO/IEC 27001:2022 for an Information Security Management System and ISO/IEC 27701:2019 for a Privacy Information Management System, following an audit and certification by Bureau Veritas Certification (Thailand) on 17 July 2025. ISO/IEC 27001:2022 covers the data centre and associated infrastructure management, physical security, security equipment, networks, and the IBS Non-Life and IBS Life systems, while ISO/IEC 27701:2019 applies to personal data management for IBS Non-Life and IBS Life where the OIC acts as the personal information controller, aligned with Thailand’s Personal Data Protection Act B.E. 2562 (PDPA).
Thailand Office of Insurance Commission 2025-08-15
Thailand Office of Insurance Commission obtains ISO/IEC 27001:2022 and ISO/IEC 27701:2019 certifications for its data centre and Insurance Bureau System
The Thailand Office of Insurance Commission has received ISO/IEC 27001:2022 and ISO/IEC 27701:2019 certifications for information security and personal data protection. These certifications cover core IT operations, including the Insurance Bureau System for life and non-life policyholder data, following an audit by Bureau Veritas Certification (Thailand).