Jakarta, December 2017 - After going through a 6-month process, WWF-Indonesia successfully obtained the International Organization for Standardization (ISO) 27001:2013 certification for Information Security Management System (ISMS) or Information Security Management System for Financial Data Management.

ISMS is important for business management as a way to protect and manage information, based on a systematic approach to business risks to prepare, implement, operate, monitor, review, maintain and improve security. Information is an important asset that must be protected and managed, especially to maintain the reputation or image of the organization.

Aria Nagasastra, Finance Director of WWF-Indonesia, said, "WWF-Indonesia needs to get this certification because in the future it will manage bigger programs, partnering with more parties including governments and international organizations."

"This certificate is not the end goal, but a form of WWF-Indonesia's commitment to always maintain the integrity of the information system and increase the trust of donors and partners to this organization," he concluded.

The achievement of ISO 27001:2013 gives great meaning to WWF, because such standardization is not only able to increase trust, but also strengthen business processes and continuous improvement, and improve information technology security. Thus, the organization's image and competitiveness are also improved, thus opening up opportunities for future organizational development.

Protecting information means maintaining confidentiality, which ensures that information can only be accessed by authorized parties. It also means maintaining integrity, ensuring that information remains accurate and complete, and that it is not modified without clear authorization. And finally, ensuring that information can be accessed by authorized parties when needed.

The implementation of ISO 27001 by WWF is divided into four stages: Plan, Do, Check, Act (PDCA). In the Plan stage, WWF identifies objectives, determines management support and chooses the best way of implementation by taking into account risks. In the Do stage, WWF develops policies and procedures for implementation including developing risk management plans, allocating budgets and training staff.

In the Check stage, WWF monitors the entire implementation process in ISMS and prepares for audit needs. Finally, at the Act stage, WWF conducts periodic reviews and audits, taking regular corrective, preventive and developmental actions. The Enterprise Resource Planning (ERP) system is a form of implementation of ISO standards for financial information management.

According to Edwin Hendarsyah, IT Manager of WWF-Indonesia, ERP was chosen as a system that is capable and proven to facilitate staff in managing financial information. "WWF-ID started migrating from conventional financial systems to ERP, which helps us integrate, plan and manage company resources including procurement, financial accounting, project management, and asset management in a transparent, realtime and accountable manner."