PONS IP, a global consulting firm specialized in Intellectual Property, was awarded by Bureau Veritas the certification of compliance with the international standard ISO 27001, which guarantees maximum security in information management protocols. In this way, Bureau Veritas accredits PONS IP’s firm commitment to strengthening information protection for clients during all phases of service provisioning, thus having a comprehensive information security management system that guarantees the confidentiality, integrity and security of the company’s information.
The international ISO 27001 standard, which establishes the requirements and good practices for Information Security Management Systems, makes it possible for PONS IP to strengthen all data security by implementing risk assessment processes in the organization as well as the appropriate controls to preserve the confidentiality, integrity and availability of information assets, taking the necessary technical, organizational and legal measures to minimize cybersecurity risks. As detailed in a recent report of the Spanish National Institute of Cybersecurity (INCIBE), data loss due to cyberattacks, physical disasters or human error already represents losses of between 2,000 and 50,000 euros per year for SMEs in Spain.
Thanks to this certification, PONS IP is positioned as one of the leading companies in Spain for its commitment to information integrity when providing services. Nowadays, according to the latest available data from the ISO Survey, only 997 Spanish companies have the 27011 certification in Information Security Management, one of the most demanding in the range of certifications related to technology and cybersecurity worldwide.
At PONS IP, the implementation and certification project has been led by a multidisciplinary team composed of Jonathan Torres, Head of Processes, Ramón Ugarte, Head of Digital Transformation, Pedro Navas, Systems Director and Head of Security, and Alicia Salinas, Head of Quality and Training. According to Salinas, having a structured and comprehensive information security policy “will help us to identify information security risks more effectively and to take the appropriate controls, offering even more confidence in information management to our clients and all stakeholders“.