Table of contents
At Signaturit we are happy to announce that we have obtained the AENOR Safety Information Certificate, based on the requirements of international standard ISO/IEC 27001, which certifies that we have implemented a Management System that strengthens and protects the information in our organisation.
This is the highest level of assurance for information security currently available and gives customers the confidence that Signaturit complies with strict international safety standards.
In the next post we summarise this statement and reflect on our main priority, the protection of information, documents and our customers’ data.
ISO, when the world is in agreement
Today, businesses face many risks and uncertainties in the management of one of their most valuable assets: information. Only with good practices or controls in place, can organisations understand their risk, identify threats to the business, and reduce them effectively.
It is only a matter of time before organisations suffer the consequences of such threats, for which reason international standard ISO 27001 is there to guide any type of organisation, whether public or private, large or small with regard to best practices.
This ISO 27001 standard, which establishes the requirements for implementing, documenting and assessing an information security management system, was put forth by a joint technical Committee between the International Organisation for Standardisation (known by the acronym ISO) and the International Electrotechnical Commission (IEC): the ISO/IEC 1 (JTC 1) Committee.
This joint committee was created in 1987 to “develop, maintain, promote, and facilitate standards related to Information Technology“.
What is ISO/IEC 27001?
ISO/IEC 27001 is a set of international standards that are intended to ensure that the controls existing to safeguard the information of interested parties are also sufficient to protect the confidentiality, integrity and availability of information.
The various standards that make up the ISO 27000 series set out a practical means for an organisation to implement an Information Security Management System (ISMS).
These legal, physical and technical controls must take into account the information of customers, employees, partners, and society’s needs in general.
Basically, information security is part of the proper management of a number of factors such as: capacity, the development of contingency plans for unforeseen incidents, risk analysis, competency, management’s degree of involvement, investments in security and the degree of control implementation.
And although there are many different types of document media, whether information on paper or participating analogue versions, what is certain is that most of the information currently managed by companies is based is in a computerised format.
For this reason, standard ISO 27001 is mainly intended to deal with information technology issues.
The international standard ISO 27001 is intended to establish, implement, operate, monitor, review, maintain and improve an Information Security Management System.
What does ISO/IEC 27001 do for information security?
ISO/IEC 27001 certifies Information Security Management System, as we have discussed.
In particular, being in possession of the ISO 27001 standard certificate demonstrates that an accredited external organisation such as AENOR has certified that Signaturit respects the applicable laws and regulations.
It provides a competitive edge by meeting contractual requirements and demonstrating to our clients that the security of their information is paramount to us.
It allows you to verify that risks are properly identified, evaluated and managed as well demonstrating management’s commitment to information security.
Signaturit meets rigorous security standards
Signaturit has been implementing measures with the aim of providing greater confidence to its customers, basing its system on 4 major principles:
- Confidentiality: the information is available only to persons or authorised systems.
- Integrity: the information is modified only by persons or authorised systems in a permitted manner.
- Availability: the information can be accessed by authorised people when needed.
- Information security: preservation of confidentiality, integrity and availability.
Once the system was implemented throughout the company and had been optimised, it was audited by AENOR, who issued the 27001 certification for “information systems that support the provision of trusted services in accordance with Regulation 910/2014 (EU), blockchain technology and machine learning, in accordance with the applicable statement in effect on the certificate’s issuance date”.
Conclusion
The certification ISO/IEC 27001 is a powerful demonstration of Signaturit’s commitment to the management of information security and helps us to achieve a number of objectives:
- Providing confidence to our clients.
- Competitive advantage over other service providers.
- It also allows us to comply with the various laws for the protection of personal data, information society services, electronic commerce, intellectual property, and everything related to information security.
If you want more information, get in touch with us through the following form,