We depend on information and communication technology (ICT) systems to achieve our objectives. These systems must be protected against quickly developing threats that have a potential to impact the confidentiality, integrity, availability, planned use and value of the information and services.
To defend ourselves against these threats, we execute a strategy adapted to changes in the surrounding conditions, to guarantee the uninterrupted provision of our services. We therefore apply the security measures required by ISO 27001:2013 standard and the National Security System (ENS), depending on the risk and the categories into which the different systems are divided.
Our governing body is committed to leading the maintenance of the Information Security Management System (SGSI), as well as the provisions specified in Royal Decree 3/2010 of 8 January.