Durham Region sets a national benchmark for safeguarding public information

- June 29, 2026
Promotional graphic showing a close-up of hands typing on a keyboard with a digital lock icon overlay, symbolizing cybersecurity. On the right side, a red badge reads “ISO/IEC 27001:2022 Management System – MS ECB Certified” with a checkmark. At the bottom, Durham Region branding appears alongside the text: “Durham Region sets a national benchmark for safeguarding public information.”

 Whitby, Ontario – The Region of Durham is proud to announce a major milestone in our commitment to protecting residents’ information and delivering secure, reliable public services. The Region’s Corporate Services – Information Technology (CS-IT) division has achieved ISO/IEC 27001:2022 certification, becoming the first municipality in Canada to earn this globally recognized accreditation.  

ISO/IEC 27001:2022 is the world’s leading standard for Information Security Management Systems (ISMS). It sets rigorous requirements for how organizations manage and protect information, ensuring confidentiality, integrity, and availability. For residents, this means the core systems that support essential services, from health and social services to infrastructure and finance, are designed with security at their core.  
 
This national first reinforces the Region’s leadership in information security and demonstrates a clear commitment to safeguarding the personal and sensitive information residents entrust to the Region every day. The certification reflects more than two and a half years of focused investment in cybersecurity maturity across the organization, including a comprehensive audit completed in spring 2026. Feedback from the audit was highly positive, recognizing the Region’s strong security practices, and the preparedness of its teams. 

By achieving this milestone, the Region is setting a new benchmark for municipalities across Canada – demonstrating leadership, while reinforcing public confidence. While this certification marks a significant accomplishment, it also represents an ongoing commitment. The Region will continue to enhance its information security practices to stay ahead of evolving risks and ensure that residents’ information remains safe, secure, and protected.  

Quotes:  
 
“Information security is at the core of everything we do, and this milestone reflects years of dedication and collaboration across the organization. Achieving ISO/IEC 27001:2022 validates the strength of our systems and processes, and it positions the Region as a leader in protecting the information that supports critical services for our residents. We will continue to strengthen and evolve our practices to stay ahead of emerging risks.”  

 – Elaine Baxter-Trahair, Chief Administrative Officer    

“This certification reinforces our commitment to the people we serve. Residents trust us with their personal information every day. Achieving ISO/IEC 27001:2022 demonstrates that we are meeting the global standards to keep that information safe, secure, and protected. As the first municipality in Canada to earn this certification, we are proud to lead the way in building trust and confidence in how public sector organizations safeguard data.”  

 – Chi-Cheng Chu, Chief Information Officer and Chief Information Security Officer, Region of Durham 
 

 – 30 – 

Subscribe Back to News Search

Contact Us

The Regional Municipality of Durham
605 Rossland Road East
Whitby, Ontario Canada L1N 6A3

Telephone: 311 (within region limits)
Telephone: 905-668-7711
Toll-Free: 1-800-372-1102

Sign up to our Newsletter

Stay up to date on the Region's activities, events, programs and operations by subscribing to our eNewsletters.

Sign up today!