Information security is defined as the protection of information from a wide range of threats. Andorra Telecom has taken measures to protect this information from malicious actions such as fraud, embezzlement, sabotage, violations of privacy, technical errors and force majeure events such as natural disasters.
The company has approved and developed a set of security guidelines. Our policies have been approved by AENOR’s Information Security Management certification , based on the ISO 27001:2013 standard. The above certification states that our policies and practices in the field of security guarantee the confidentiality, integrity, availability and traceability of information.
AENOR, a private non-profit organisation, is one of the 10 most important entities in the world within the sector and issues certificates in more than 60 countries.
The principles upon which our Information Security Regulations are drawn up are as follows:
- The information is protected throughout its life cycle, from its creation to its eventual destruction.
- The company protects the information from unauthorized access, inappropriate circulation and loss.
- Every employee has the obligation and duty to adequately protect the information.
- Personnel and external partners are subject to the security regulations of Andorra Telecom and have the obligation to protect the information.
- The measures must be established taking into account the classification of the information, which will determine, by means of continuous risk assessment, the level of confidentiality, integrity, availability and traceability.