30 Jan 2020 News
The Group has recently had its information security management system certified in compliance with the international Information Technology (IT) standard.
Sofidel has recently obtained the certificate of conformity to UNI CEI EN ISO/IEC 27001:2017, the international guideline on information security. ISO/IEC 27001 certification is the main organizational standard for implementing an Information Security Management System (ISMS).
The adoption of procedures and protocols planned according to the ISO/IEC 27001 standard allows the company to protect information and data – stored using computer and IT media – to ensure the management security, integrity, availability and confidentiality of such data.
Sofidel has voluntarily undertaken the certification process in order to result in an IT governance system appropriate to the Group’s international dimensions. Part of the process has been to incorporate a proper security strategy to protect corporate data and information, based on a management model in line with the most advanced modern standards and certified by an independent third party.
The expected benefits of this certification include systematic implementation of the IT security policy, effective monitoring of information security risks, systematic risk analysis, proper updating of technical infrastructure, improvements in terms of organization and accountability and, last but not least, greater trustworthiness for stakeholders.
The plan is that the ISO/IEC 27001 certification process, so far completed for the Sofidel holding company (which provides most of the hardware and software services to its subsidiaries), will also be rolled out across other Group companies in the future.