Management and Storage of Information in Canarias (GCIC) is an organization belonging to the holding Valora Group, a group of leading companies in the Archipelago in Information Management and Storage, Logistics and Transport, with a staff of over 200 people, making all kinds of custom projects for both public agencies and private equity firms.
GCIC has counted with the services of Plan B Group to carry out the implementation of its Management System of Information Security under the requirements of the ISO 27001 standard, a well demanded certification in levels of Information Technology security which guarantees the use of more stringent security protocols by GCIC in their service provision. During the implementation process, it was incorporated strict compliance policies, such as the policies of access control for acceptable use of assets, the policy of using cryptographic controls or the policy for handling classified information, which allowed greater security document processes. Additionally, the records related to catalog risk assessment, risk treatment or registration of any incidents, have led the organization to set up best practices among its staff.
The development of this project was a performance at the highest level due to the scope of GCIC in areas of high security level for data processing, such as the health sector or public administration, which requires protective measures and higher custody. For this purpose, operating procedures and measures were based on the requirements of ISO 27001 in all processes of the organization, both in terms of internal management and the provision of their services, ending successfully by obtaining the certification of ISO 27001 by Bureau Veritas.
Highest performance to complain with the most strict information security measures.
Meanwhile, Plan B Group has undertaken the implementation and customization services to the Organic Law on Data Protection (LOPD) in this organization, a mandatory legal requirement for any business that manages personal data, both internally and in their services provision. Both performances were accompanied by specific training for efficient management of information security and personal data protection in the organization, developing a customized program for those responsibles of the standard ISO 27001.
Management and Storage of Information in Canarias (GCIC) is now a loyal customer who has placed its confidence in Plan B Group for each years´ internal audits prior to the certification renewal of Management System on Information Security based on Standard ISO 27001, by incorporating aspects of the system developed during the customized program and by improving the activity of GCIC over the time.