Isdefe, in its commitment to maintaining the highest standards in information security, has implemented an Information Security Management System in accordance with the requirements of the MEDIUM category of Royal Decree 311/2022, dated May 3rd, which regulates the National Security Framework (ENS) in the field of Electronic Administration.
The ENS, applicable to the entire public sector and administration providers, comprises the basic principles and minimum requirements necessary for the adequate protection of the information processed and the services provided. Its aim is to ensure the access, confidentiality, integrity, traceability, authenticity, availability, and preservation of data, information, and services used through electronic means.
This certification in conformity with the ENS highlights Isdefe's commitment to the security of the information it manages within the scope of its competencies, particularly in protecting the information of its clients.
Specifically, the scope of Isdefe's certification includes:
- The information systems that support the technical assistance and consultancy services to national and international public bodies, and their support processes (HR, information systems, security, governance, quality, business development, legal advice, planning, and financial-economic) in accordance with the categorization document in force at the date of issuance of the certificate.
As a demonstration of this commitment to the security of its systems, Isdefe has an Information Security Policy aligned with the ENS.
Isdefe's Information Security Policy establishes the basic principles, organization, and security responsibilities to achieve an adequate level of protection, ensuring the consistency and integrity of all measures implemented in terms of information security, as well as the privacy of personal data.