Jump Main Menu. Go directly to the main content


Start of main content

You are in:

  1. News

News search

Ferrovial is granted ISO/IEC 27001:2005 certification for Information Security

Category: General / 06 June 2012

Ferrovial has been granted ISO/IEC 27001:2005 Information Security certification by the British Standards Institution (BSI) at its Madrid headquarters. The certification means BSI has verified the proper management of the company’s data assets.

The certification confirms that Ferrovial meets all ISO/IEC 27001:2005 standards for internal information security services at its central offices in Madrid, in accordance with the statement of applicability of September 30, 2011.

At the event, attended by the General Manager of the Ferrovial IT and Innovation Division, Federico Flórez, and by several representatives of Ferrovial and BSI Iberia, Márcio Viegas, Managing Director of BSI Iberia, handed over the certificate to Federico Flórez.

Federico Flórez stated “efficient security management is gradually being shaped by new regulations into an essential factor for building the reputations and brand image of major companies”.

Ferrovial, a company committed to implementing data protection policies in all divisions, has improved its IT Security Management Systems thanks to this international auditable and globally prestigious standards certification.

Information Security Management System (ISMS)

Information Security Management consists of developing management systems that protect the IT assets of any business, institution or organisation.

The ISO/IEC 27001 is at present the only international auditable standard that defines the requisites of ISMS, and is designed to guarantee the selection of security controls that are appropriate and proportionate to each organisation, providing staff and customers alike with the confidence that comes with data protection guarantees.

An ISMS that is certified under the ISO/IEC 27001 standard provides an organisation benefits such as independent verification that risks are correctly identified, as well as the assurance that the organisation is committed to respecting all laws and regulations, and, most importantly, offers an independent guarantee that internal controls meet the requisites of corporate management and business continuity.

Likewise, this certification gives any organisation a competitive advantage over its peers by meeting contractual requirements, as well as demonstrating to customers that regularly assesses performance and excellence levels, providing assurance that protecting their data is of paramount importance.

End of main content