This interview was published by Legal 500. Read the full article here. Please provide an overview of the legal framework governing privacy in your jurisdiction (e.g., a summary of the key laws, who is covered by them, what sectors, activities or data do they regulate, and who enforces the laws enforced)? The legal framework governing […]
Our cyber-security department is composed of a team of professionals with a technical and legal background who are specialists in the area.
In order to implement information security management systems (ISO 27001 and 27002), business continuity (ISO 22301), risk management (ISO 31000), as well as other standards and regulations such as the Spanish Security Framework, risk & compliance, ECIJA has a multidisciplinary team, and specific management tools that make it possible to perform the following processes in a dynamic, effective and continuous manner (following the PDCA cycle, amongst other processes:
- Inventory of processes and assets
- Analysis and management of risks
- Management of security requirements, projects and actions resulting from management systems
- Management of audits and incidents
- Management of records of the regulatory framework
ECIJA’s cyber-security department performs essential work in research, assistance and protection in the event of breaches of security, incidents, and complaints, by conducting specific technical analyses, forensic analyses, and gathering electronic evidence, etc.