They were created with a very clear purpose, that of helping companies to reduce costs and increase their effectiveness, offering them a certain orientation, coordination, simplification and unification of criteria.
Other examples of the advantages of the recently implemented standard 27.001 could be the reduction of the risk of information loss in organisations, the implementation of security measures so that customers can access the information themselves, or the establishment of a methodology thanks to which information security can be managed in a clear and concise manner.
Euro-Funding’s IT department has established a series of Security Policies with the aim of guaranteeing the correct protection of the company’s resources and tools. For them, a period of awareness has been carried out of the people who treat these assets so that they procure their protection in a responsible way.
These Information Security Policies show the commitment of the Management, and have as high level objectives:
Ensure compliance with applicable legislation, regulations and standards
Meet the needs and expectations of the stakeholders involved
Betting on “continuous improvement” as the primary mechanism of evolution and
adaptation of the organisation.
Establish and periodically review the level of security
To train, raise awareness and motivate staff on the importance of complying with the ISMS requirements.