By means of this system, the company standardizes its criteria and methodologies to guarantee the confidentiality and integrity of the information provided by its clients and suppliers.
The ISO 27001 certification allows FacePhi to continue promoting its presence in regulatory sandbox programs around the world, such as the one in which the firm is already immersed in South Korea
The company’s personnel has invested more than 500 hours in specific training to ensure optimal information management at all levels of the organization, which will undergo five additional audit plans each year
The Spanish company, FacePhi, takes a new step to continue guaranteeing security in processing of data in all its processes, after being certified in the ISO 27001 standard. This international certification validates the implementation of the so-called Information Security Management System (ISMS), which demonstrates that all information accessed by the company is handled in a responsible and reliable manner.
Currently, the ISMS is the most recognized framework for any company that wants to globally certify the security in the processing of information, by standardizing criteria and methodologies that guarantee the confidentiality and integrity of the data provided by customers and suppliers. Thus, the achievement of ISO 27001 gives new impetus to FacePhi’s entry into programs such as the so-called regulatory sandboxes, test spaces created by public administrations to innovate and improve existing legislation in fields such as the financial sector.
“Our projects with financial groups in South Korea have already opened the doors of a regulatory sandbox in this Asian country, where the possibility of extending facial recognition as a safe way to open a bank account is being tested. From this experience we have learned the value that national and international regulators give to technological solutions with a high standard of regulatory compliance, so obtaining ISO 27001 is a new qualitative leap for FacePhi in its relationship with public administrations”, explains Jorge Félix, Quality and Systems Manager at FacePhi.
The attainment of this recognition in information security has been the result of an exhaustive process of analysis and optimization of processes by the company, which has invested more than 500 hours in specific training to ensure optimal management of data in all levels of the organization. This process has involved the examination of more than 10,000 information assets, from documents and images to computer programs, code files and physical devices, in addition to the creation of five additional audit plans each year.
Currently, FacePhi is in the process of adapting its entire infrastructure, with the aim of establishing a guarantee system superior to those of any other company in the sector throughout the international scene, and where the implementation of a complete Business Continuity Management System (BCMS) and the ISO 27001 certification itself will play a fundamental role.