The Tarragona Port Authority declares its commitment to information security by means of its Information Security Policy, the main objective of which is to guarantee and protect the confidentiality, integrity and availability of the information and processes that it handles.
Comprehensive security and protection of the data of interested parties is one of the basic services offered by the Port of Tarragona. Aware of the commitment that it undertakes with its internal as well as external clients and users, it has established an Information Security Management System in its organisation based on Standard UNE-EN-ISO 27001 for the processes of ATTENDING TO THE USER(S) AND CLIENT(S), DESIGNING AND PLANNING, PROJECT MANAGEMENT AND OPERATIONAL MANAGEMENT.
The management of the Port of Tarragona will devote all its efforts and resources to preventing possible risks to information security that might affect the Port Authority, its clients and users, by applying the following principles in their management:
Promoting information security for all members of the organisation.
Providing the Port with high level security services.
Ensuring the availability of processes in the area of IT.
Maintaining the security level required to guarantee business continuity suitably, even in adverse situations.
Ensuring the continuous availability, confidentiality and integrity of information.
Preventing and dealing with any security incidents that might compromise the organisation.
Implementing the continuous improvement of the performance and efficiency of the processes that make up the Integrated System of Quality, Environment, Information Security and Health and Safety at Work Management.
BENEFITS OF IMPLEMENTATION
Acquiring certification in the 27001 reflects the company's commitment to information security.
En compartir controls de seguretat amb altres normatives d'obligat compliment (protecció de dades, privadesa i control de la TU), la 27001 contribueix a economitzar la inversió en seguretat.
Estar certificat en la ISO 27001 et diferencia de la competència davant els clients o usuaris, en un mercat cada vegada més competitiu.
Millora de la imatge i increment dels nivells de confiança davant clients, usuaris, proveïdors,…
Disminueix les despeses provocades per incidents potencials que s'estan evitant o reduint augmentant la seguretat dels actius.
En obligar a definir de forma molt precisa qüestions com les responsabilitats i obligacions, ajudant a reforçar la seva organització interna.
Per la implementació de mesures i controls de seguretat.
Protecció davant atacs del món ciber.
Millora la resolució d'incidències, en procedimentar la seva gestió.
Com a conseqüència d'implantació de Pla de Contingències
Garantia cicle PDCA (planificar, fer, verificar i actuar).