The Bank of Ghana has been asked to ensure that all banks publish their audited accounts on their websites.
Research group, DankwahM Advocacy, Ghana, said in a statement that stakeholders will need the audited accounts to inform their decisions, hence the demand for the publication
“BoG should compel all certified banks to on their websites and publications provide classification, and evidence of compliance with the PCI DSS 3.1 / ISO/IEC 27001:2013, a global standard authorized by the PCI Council / ISO in 2013. BoG should compel all certified banks to make available on their websites, audits by a qualified security assessor (QSA) and an approved scanning vendor (ASV) in predetermined periods that have been authorized by the PCI Council
“BoG should make available to all customers of each non-compliant bank, a total sum of $120,000 or the Cedi equivalent for impairing their collective digital security. BoG should make available to all customers in Ghana in writing a road-map as to switching to ISO 27701 recommended by the Technical Committee, ISO/IEC JTC 1/SC 27 with Publication date: 2019-08
“BoG should compel all certified banks to provide to the Ghanaian public measures they have in place to mitigate and possibly eradicate costs that are caused by information security incidents, costs for managing information security, costs that are related to information security measures as well as, costs of capital that are induced by information security risk (Mataracioglu 2016)
“The BoG should provide the Ghanaian public with formal guarantees that all its PCI certified banks are ready to give consumers information about the use of their data’ and whether or not ‘Data subjects’ … right to know whether their information is being processed and, if so, to receive a copy’ are being respected?”