Information Security consists in protecting information and its supporting assets (systems, networks, infrastructures and other) in three essential aspects: Confidentiality, Integrity and Availability. The protection of information must comply with our company's internal policies regarding information but also with all the applicable national and international laws and regulations.
As regards the ISM – Information Security Management programme, NOS created an Information Security Committee (GRC – Governance Risk and Compliance Committee) which was assigned by the Executive Committee the task of monitoring risks associated with security, proposing regulations and promoting awareness-raising initiatives, among other duties.
Under the Committee’s supervision, different business units develop a plan of internal initiatives with a view to consolidate controls and processes for the management of Information Security.
Security initiatives vary in nature, such as the development of Policies and Regulations, the management of projects to implement security processes or technologies, the production of indicators, carrying out training and awareness-raising actions, etc.
Learn about the NOS Security Principles.