Information Security

The Elecnor Group understands information security as an integral and continuous process over time. This security must be made up of all the technical, human, material and organisational elements necessary to ensure that it is properly managed.

The Group's information security management system is certified in accordance with the UNE 27001 standard.

PRINCIPLES OF ACTION

Therefore, security measures have been put in place to reduce the possible appearance of threats and so that any security incidents which arise may be detected, can be dealt with in time and do not seriously affect the information being handled or the services being provided, whilst enabling their restoration. To this effect, the principles of conduct are the following:

To define, develop and put into operation the necessary technical, legal and management controls to ensure compliance with the risk levels approved for the organisation at all times.

To create a “security culture”, both internally with all the staff and externally with customers and suppliers. In particular, to promote this security culture and its implementation in the services Elecnor offers to its customers.

Elecnor Group, in its aim for continuous improvement, has achieved certification in the ISO 27001 Standard, which establishes the requirements for Information Security Management Systems. This certification guarantees the confidentiality, availability and integrity of the organisation's information, reinforcing and incorporating security into the business culture and avoiding risks.