Skip main navigation
You are at: Home>About Us>AENOR information room>Press releases>AENOR gives the Regional Government of Castile-La Mancha triple certification for information security
 
 

AENOR gives the Regional Government of Castile-La Mancha triple certification for information security and continuity, in the Public Administration of Spain

06/03/2020

  • The 112 service's first contact with citizens, backed by international certifications for Information Security, Business Continuity and the National Security Framework. 

6 March 2020. AENOR awarded its first triple certification for information security and continuity to the Regional Government of Castile-La Mancha. Specifically in the National Security Framework, the Information Security Management System ISO 27001 and the Business Continuity Management System ISO 22301.

These three certifications verify and accredit the collection, recording and management of data of the first contact that is made with citizens via the 112 emergency telephone number. The certificates were presented to the councillor for the Treasury and Public Administrations of Castile-La Mancha, Juan Alfonso Ruiz Molina, by AENOR CEO Rafael García Meiro.

During the event, Ruiz Molina expressed his satisfaction with 'the commitment of Emiliano García-Page's regional government to guarantee the security of the technological processes that make it possible for citizens to contact the 1-1-2 Emergency Service'.

Meanwhile, García Meiro said that 'Being the first Spanish Administration to have triple certification, the Government of Castile-La Mancha demonstrates it commitment to one of the most appreciated values today: security. Quite rightly, citizens require guarantees on the information they provide to any organisation. It is very important for a service like 112; which clearly demonstrates the Administration's role of giving help to those who need it, to send such a clear message through provenly effective forms of management, in Spain and abroad.'

ISO 27001 certifies that organisations have implemented a set of suitable control processes to ensure the privacy, integrity and availability of their information systems to reinforce and protect their Information Security, with a commitment to continual improvement.

It also helps organisations to know the risks, identifying threats to business activity and effectively reducing them.

The certificate attesting compliance with the National Security Framework (NSF), which is obligatory for Public Administrations, guarantees that the basic security principles and minimum security requirements for the information systems of public administrations have been established, with the aim of generating confidence in these systems. An incident could have a damaging impact on the availability, authenticity, integrity, privacy or traceability of their systems, services and information.

And finally, the ISO 22301 certificate for the Business Continuity Management System lays down the requirements for planning, establishing, implementing, operating, overseeing, reviewing, testing, maintaining and improving said system. This means that certified entities have a framework to boost their capacity of resilience in the event of a potential incident or crisis situation, providing an effective response whilst safeguarding the interests of the main players, as well as their critical processes and activities.