DCV obtains Information Security standard certification
ISO 27001 evaluates 114 internal controls that protect the confidentiality, integrity and availability of information from different threats.
As part of its mission as a provider of critical infrastructure and other services to the financial sector, with the highest quality standards, the Depósito Central de Valores (DCV) recently obtained the ISO 27001 standard certification on Information Security. This is the principal international standard on this matter and reviews in a complementary and specific manner 114 internal controls that seek to protect and preserve the confidentiality, integrity and availability of information from a wide range of threats.
“This certification allows us to show the market that the information security risks within DCV are being controlled and managed properly. It is a sign of confidence for our clients that their data is protected, because we have people in charge of managing the security of the information that has the skills and we have arranged controls and processes for it. And, above all, it shows the ongoing commitment of senior management for the critical issues in our business, of which one of them is security”, says Fernando Yáñez, General Manager of DCV.
The ISO 27001 certification is valid for three years, but considers revisions every year, adds André Medel, Head of bBusiness Continuity and Information Security at DCV, who led this project (which lasted two years). The business services and processes that are within the scope of the certification are the following: transfer of securities, custody, management of pledges and guarantees, administration of capital events, central registry of issuances, foreign stock exchange, international custody, MILA service (Latin American Integrated Market), international treasury, customer service desk, operations and IT services management, configuration and change management, IT security management, application development and maintenance and mass processing service.
Next steps? “Strengthen our internal processes in search of continuous improvement, emphasizing the dynamics of threats along with the scenarios that are generated. We always have to keep improving. At DCV we challenge ourselves to strengthen what we do”, adds André Medel.
Having complied with this standard adds to the certification that since 2014 DCV has had regarding its Business Continuity Management System (ISO 22301).