AENOR – Spanish Association for Standardisation and Certification

Home > Certification > Risks and Safety

Certification ISO 27001 Information Security Management Systems

The key to the security of your information system

Information is one of the most important assets in an organisation. The defence of this asset is an essential task to ensure the continuity and the development of the business. It is also a legal requirement (copyright protection, personal data protection, services for the information society), and inspires confidence in clients and/or users.

The greater the value of the information, the greater the risks associated with its loss or deterioration, improper or malicious use.

Information Security Management Systems (ISMS) are the most effective means of minimising risks, ensuring that assets and risks are identified, considering the impact for the organisation, and that the most effective controls and procedures are adopted in line with business strategy.

Effective management of information security guarantees:

  • confidentiality, ensuring that only those who are authorised can access the information,
  • integrity, ensuring that the information and its processing methods are accurate and complete, and
  • availability, ensuring that authorised users have access to the information and to related assets when they need it.

The certification of Information Security Management by AENOR, in accordance with the UNE-ISO/IEC 27001:2014, helps to promote activities of data protection in organisations, thus improving their image and generating confidence with respect to third parties.

Moreover, the interest of Spanish companies in this certification has put us in the world's top ten for the number of certificates for ISMS, and made AENOR the leader for this certification.

Related sectors

This certification scheme is applicable to any type of organisation, regardless of the sector in which it operates.

Possibility of obtaining comprehensive certification with

The Information Security Management System allows for ongoing improvement following the cycle of PDCA and sharing it with other ISO Management Systems. This makes it possible to combine the ISMS with any other management system.

The conduct of comprehensive audits optimises internal processes and, as a result, reduces auditing time. This approach is especially appropriate for Quality Management Systems (ISO 9001) and IT Service Quality Management System (ISO 20000).

What clients obtain

When the auditing process has been satisfactorily completed, if the system being used complies with the requirements of the UNE-ISO/IEC 27001 Information Technologies standard, Security techniques. Information Security Management System (ISMS). the organisation obtains:

  • the AENOR Certificate for Information Security Management Systems
  • A license to use the AENOR Information Security mark
  • The IQNet Certificate, passport for international access of its certification. With it, its AENOR certificate will be recognised by leading certification entities all over the world.
  • A licence to use the IQNet mark.

Furthermore, organisations with management systems certified by AENOR have free access to AENORnet and subscription to the AENOR monthly magazine.

Related logos or marks

AENOR - Information Security
AENOR Information Security mark
IQNet Mark
IQNet Mark

Experience with certification

AENOR is the indisputable leader in information security certification in Spain, making a major contribution to Spain's position in the world's top ten.

More than 300 certificates for ISMS issued by AENOR. Among the organisations certified are public administrations and numerous organisations in all sectors (health, technology, telecommunications, insurance, banking, services, law firms, construction companies, transport, etc.)

More information in video (in Spanish)

Contact us

Request detailed information from us today about the complete audit process (reports, timescales, visits, etc.) and an offer adapted to the needs of your organisation.
Tel. (+34) 914 326 000


All rights reserved: © AENOR, 2016

Share link

Information on AENOR - Legal notices - Statement of accessibilitySite map