Aga Khan University (AKU) ICT Division has achieved a significant compliance milestone by successfully completing the ISO/IEC 27001:2022 Transition and Second Surveillance Audit across its operations in Pakistan, Kenya, Uganda, Tanzania and the UK. Conducted by SGS, this comprehensive audit resulted in zero non-conformities, underscoring the division’s adherence to globally recognized information security standards. This outcome reflects the organization’s commitment to safeguarding sensitive data and maintaining rigorous security practices across its international footprint.
The audit process assessed the ICT Division’s information security management systems, policies and procedures to ensure they meet the updated requirements of ISO/IEC 27001:2022. By passing both the transition and surveillance phases without a single non-conformity, AKU ICT Division has demonstrated a proactive approach to risk management, data protection, and continuous improvement in compliance with international best practices. This accomplishment strengthens confidence among stakeholders, partners and users who rely on the integrity and confidentiality of AKU’s digital infrastructure.
Such achievements are the result of coordinated efforts across multiple teams and departments. AKU acknowledged the contributions of IS-MRC, ICT SLT, ISMS Champions, HR, Internal Audit, Risk Management, the InfoSec Team and other colleagues whose dedication and expertise ensured successful preparation and execution of the audit requirements. Their combined work reflects an organizational culture centered on accountability and security. Special appreciation was also extended to Mr. Khawar Saleem, Lead Auditor from SGS, whose professional guidance and insights supported the audit process and added valuable perspectives for further enhancement of the information security management framework.
For AKU ICT Division, this milestone is more than a compliance achievement; it signals an ongoing commitment to aligning with evolving international standards and building resilience into its information systems. The certification affirms that policies, controls and procedures are robust and effective, enabling the division to manage risks, protect data and ensure continuity of services across its diverse geographic locations. By maintaining such high standards, AKU ICT Division not only reinforces trust in its systems but also sets a strong example of disciplined security practices within the higher education and healthcare sectors. This success motivates teams across the organization to continue improving their practices and maintaining the highest levels of information security.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
