Elecnor understands information security as an integral and continuous process over time. This security must be made up of all the technical, human, material and organisational elements necessary to ensure that it is properly managed.
The Group's information security management system is certified in accordance with the UNE 27001 standard.
Therefore, security measures have been put in place to reduce the possible appearance of threats and so that any security incidents which arise may be detected, can be dealt with in time and do not seriously affect the information being handled or the services being provided, whilst enabling their restoration. To this effect, the principles of conduct are the following:
To define, develop and put into operation the necessary technical, legal and management controls to ensure compliance with the risk levels approved for the organisation at all times.
To create a “security culture”, both internally with all the staff and externally with customers and suppliers. In particular, to promote this security culture and its implementation in the services Elecnor offers to its customers.
Los sistemas de información que soportan los procesos corporativos de gestión, mantenimiento y soporte de proyectos de seguridad y de infraestructura (redes, servidores, puestos usuario, comunicaciones…), para el diseño y gestión de proyectos en materia de electricidad, gas, plantas de generación de energía, ferrocarriles, telecomunicaciones, agua y medio ambiente, construcción, instalaciones y mantenimiento.
