The Information Security Policy is submitted in accordance with ISO 27001: 2013 and Royal Decree 3/2010, of 8 January (and subsequent amendments), that regulates the National Security Framework (NSF) in electronic administration, whose article 11 establishes the obligation of having a policy.
El Consorci de la Zona Franca de Barcelona (CZFB) depends on ICT systems (information and communication technologies) to achieve its aims. They are managed diligently and implementing appropriate measures to protect them from accidental or deliberate information security damages.
ICT systems are protected against rapidly evolving threats because these compromise the availability, authenticity, integrity and confidentiality of the data stored or transmitted and the services that the networks and systems provide or make accessible. Therefore, ICT systems must have a strategy adapted to environment conditions to ensure the continuous provision of services. This strategy complies with all security measures required by ISO 27001: 2013 and National Security Framework (NSF), depending on risks and system type.
El Consorci’s management team commits to lead the maintenance of an Information Security Management System (ISMS), as per the provisions of Royal Decree 3/2010, of 8 January.