The Faculty of Business Administration and Accountancy (KKBS), Khon Kaen University, has officially achieved certification for the Information Security Management System (ISMS) ISO/IEC 27001:2022, the globally recognized standard for information security management. This certification underscores the three core pillars of data security—Confidentiality, Integrity, and Availability (CIA)—ensuring comprehensive protection of critical information assets.

Between April 28–30, 2025, the faculty underwent an external audit to upgrade from ISO/IEC 27001:2013 to the latest ISO/IEC 27001:2022 standard. Certification was formally granted on August 13, 2025, by Bureau Veritas Certification (Thailand), one of the world’s leading and internationally recognized certification bodies. This achievement demonstrates KKBS’s commitment to internationally accepted standards, modern practices, and robust protection against evolving digital threats.

Asst. Prof. Pongsutti Phuensane, Ph.D., Dean of KKBS, stated that the implementation of ISMS has been a crucial step in systematically managing information security, ensuring trust and confidence among stakeholders, and safeguarding against unauthorized access. He emphasized that this success was made possible through the dedication and collaboration of all faculty and staff. The certification, he noted, marks a significant milestone in the faculty’s journey toward global standards and continuous excellence.

Expanding on the process, Suparak Janjarasjit, Ph.D., Assistant Dean for Educational Quality Development and Digital, explained that KKBS established an ISMS working group comprising representatives from the Dean’s Office, supporting units, and IT specialists. The preparation and system improvements spanned over eight months, supported by regular internal audits conducted by certified internal auditors to ensure compliance and continuous improvement.  

Mr.Samrit Matcha, Computer Technical Officer, Professional Level and Head of the ISO Implementation Team, highlighted the importance of the upgrade to ISO/IEC 27001:2022. The new standard introduces 11 additional requirements compared to the 2013 version, covering critical areas such as Cyber Incident Response, Threat Intelligence, Web Filtering, Data Masking, and Cloud Security Management. In addition, more than 15 key operational processes were revised to align with the new requirements, including cybersecurity risk assessment, incident management, data backup and recovery, access control, and Business Continuity Planning (BCP). These updates ensure that KKBS’s systems remain modern, comprehensive, and prepared to effectively address any emergency.

The certification of ISO/IEC 27001:2022 not only underscores KKBS’s commitment to safeguarding the information of its students and staff but also elevates its academic services and administrative standards to meet international benchmarks. This milestone strengthens the faculty’s readiness for the challenges of the Industry 4.0 era and its role as a digital university, enhancing global competitiveness and credibility. It also lays a solid foundation for achieving additional international certifications in the future.