NEC XON has extended its ISO 27001:2022 based Information Security Management System to include and align with the requirements of ISO 27701:2019, a global benchmark for Privacy Information Management.
This milestone builds on the company’s ISO 27001:2022 certification achieved in 2024.
“Africa’s privacy landscape is becoming increasingly complex,” says Durandt Eksteen, CIO (Africa) at NEC XON. “With the enforcement of laws such as South Africa’s POPIA, Kenya’s Data Protection Act, and Nigeria’s NDPR, implementing a framework that formalises privacy governance was the next logical step.”
ISO 27701:2019 extends NEC XON’s established ISO 27000 series based framework, creating a governance model that not only protects data security but also ensures compliance with global privacy standards. ISO 27701:2019 provides clear guidelines for managing Personally Identifiable Information (PII), while bridging the critical gap between data security and privacy.
Operating across multiple African territories, NEC XON recognises the importance of a harmonised, internationally aligned approach to privacy in a region where digital transformation is outpacing regulation. By embedding ISO 27701:2019’s requirements into its processes, NEC XON enhances trust among clients, governments, and communities, reinforcing its role as a trusted technology partner.
“By raising the bar on our information security and privacy practices, we are not only protecting stakeholder data but also demonstrating to our customers that we take their privacy rights seriously.” Eksteen says.