The implementation of an Information Security Management System (ISMS) in a company such as Nextel S.A. implies an integrated management of information security. This is achieved through planning, risk assessment, application of technical, organizational, operating and contractual controls, human resource management, communication, training, and contingency and business continuity plans. Information security covers not only information itself but also computer systems, paper and people.
The most important asset of a company is its people. They handle a considerable part of the information of an organization and implement, manage, and maintain the protection systems. Thus, an ISO 27001-based information security management system protects all information assets of a company – systems, paper and, particularly, people.
Owing to our ISO 27001 certification, we stand as a benchmark and pioneers in Spain’s information security field, distinguished by our ongoing quest for the most innovating lines of work. We have also managed to become the only company that can assure its clients the information handled in ordinary business relations is dealt with under the soundest assurance of integrity, confidentiality and availability.
Nextel S.A. is the first consulting firm in the market to be certified for its ISMS under internationally recognized information-security standard BS 7799-2:2002 (June 16, 2004). Such ISMS was also certified by AENOR under Standard UNE 71502 in November, 2005 and, in 2006, it was finally ISO-27001 certified upon publication of the international standard.
At Nextel S.A., we have attained this certification by meeting the following criteria:
- Proven experience in information security
- Trained consultants and auditors, certified in IT Security and ISMS
- Extensive experience in ISMS implementation
- ISO 27001-certified company status