• Security Audits
• Security Planning
• Information Security Management Systems
• Platforms & Services Security
• Security Operations Center
• Specialized Solutions

Procedures and Control Definition

Definition of Procedures and Controls is a fundamental factor when establishing an IT Management Model or an Information Security Management System (ISMS). Different methodologies or standards are used in accordance with the requirements or needs of the client; among the most extensive are CObIT, ITIL, and ISO-17799. Proper structuring of documents using Policies, Procedures and Guidelines, as well as instructions, make an organization’s Information Systems easier to manage by adapting ITCs and Security to the objectives of the Organization.

Definition of Indicators and Security Control Panels

The Control Panel is a methodology or tool for security management and operation that reflects the current situation of the organization, the planning of actions and the progress made in attaining its objectives. To this end, the Control Panel reflects different aspects of security, starting with automated or manual data compiled for easy interpretation according to the definition of metrics and indicators. This information is stored and compared historically so that the evolution of the organization's Security level and the Management System itself can be analyzed.

Help with Certification

GMV has ample experience and knowledge in the implementation and certification of Information Security Management Systems , based on standards like ISO 27001:2005, UNE 71502:2004 or BS-7799-2:2002 . When approaching a project to install an Information Security Management System (ISMS) , specialized and experienced consulting is crucial for the implementation as well as the certification of the system. In certain companies, having ample experience and knowledge about the different options available for solving certain problems can increase efficiency and reduce implementation and certification costs."

Implementation of GMV´s ISMS

In a manner consistent with its constant efforts in R&D/Innovation to provide the most innovative solutions for its clients, GMV began formally implementing their Information Security Management System in February of 2004, right after publication of the UNE 71502:2004 standard. This initiative, consistent with GMV's mission, defines the implementation of the ISMS as the basic tool for the management and continuous improvement of a company’s security. It is also the first step in determining the specifics of this solution in order to offer a better adapted, more reliable and more effective tool to its clients.
Thus, in December of 2004, GMV-IMS passed the certification audit process, being the first company in the industry to implement and certify its ISMS successfully.

GMV also was concerned with ISO/IEC 27001:2005 standar availability. Its publication tiggered the process to further evolve then current ISMS into a ISO 27001:2005 consisten ISMS. This mission was acomplished on December 2006, when GMV Soluciones Globales Internet, S.A achieved the certification for the new standar.