Information is one of the most important assets in an organisation. Defending this asset is essential in order to ensure that the business is able to continue and develop; it is also a legal requirement (protecting intellectual property, protecting personal data, information society services) and enables customers and/or users to feel more confident.
The greater the value of the information, the greater the risks associated with its loss or deterioration, improper or malicious use.
Information Security Management Systems (ISMS) are the most efficient way to minimise risks, ensuring that the business processes and/or IT services, assets and risks are identified and evaluated, considering the impact for the organisations, and that the most effective controls and procedures are adopted in line with the business strategy.
Effective management of information security guarantees:
AENOR's certification of the Information Security Management System, in accordance with
27001:2014, contributes to promoting activities to protect information in organisations, improving their image and generating confidence among third parties.
Furthermore, Spanish companies' interest in this certification has placed us in the top ten worldwide in terms of the number of SGSI certificates issued, and means that AENOR is the leader in this certification.
This certification scheme is applicable to any type of organisation, irrespective of sector.
Information Security Management Systems are part of the PDCA cycle of ongoing improvement, as are all other ISO Management Systems. This makes it possible to integrate ISMS with any other management system.
The conduct of comprehensive audits optimises internal processes and, as a result, reduces auditing time. This approach is particularly suitable for ISO
9001 and ISO
20000 ) and National Security Scheme (Royal Decree 3 /2010)
When the auditing process has been satisfactorily completed, if the system being used complies with the requirements of the UNE-ISO/IEC 27001 Information Technologies standard, Security techniques. Information Security Management System (ISMS). the organisation obtains:
Furthermore, organisations with management systems certified by AENOR have free access to the
AENORnet and a subscription to the
AENOR monthly magazine.
AENOR Information Security MarkUNE-ISO/IEC
IQNet Mark MANAGEMENT SYSTEM
AENOR is the indisputable leader in information security certification in Spain, making a major contribution to Spain's position in the world's top ten.
Over 500 ISMS certificates have been issued by AENOR. Certified organisations include public administrations and numerous organisations from all types of industries (health, technology, telecommunications, insurance, banking, services, law offices, construction and transport firms, etc.). For example CEPSA, INDRA, IECISA, KIONETWORKS, MINISTERIO DE SANIDAD [Ministry of Health], Organismos pagadores de España [Spanish payment agencies], ATENTO-ContactUS (USA), INFONAVIT (Mexico), COMISIÓN NACIONAL DE FIANZAS Y SEGUROS [National Commission of Finance and Insurance] (Mexico), TELEFONICA PERU (Peru), BANCO CENTRAL DE CHILE [National Bank of Chile] (Chile), BANCARIBE (Curaçao), etc.