6We carry out the implementation, auditing and maintenance of management systems under ISO rules or any other type of standards.
- Quality management Systems: orientation on quality allows an organization to ensure third parties of the conformity of its products or services with regard to the requisites raised by the client and legal and regulatory ones, regardless of its size and type of product or service provided. Rule UNE-EN-ISO 9001 is the most widely spread given its application to all types of organizations (businesses, associations, foundations etc.) of all types of sectors and sizes, however we can also perform implementations of other types of rules in the sector.
- Environmental Management Systems (UNE-EN ISO 14001): the application of an environmental management system involves a guarantee that the activities of an organization fulfill the legislation in effect and respect the environment.
- Information Security Management Systems (UNE ISO/IEC ISO 27001): the objective, which is pursued when implementing these types of systems, is to maintain confidentiality, (the information is not to be made available nor revealed to non-authorized individuals, entities or processes ) integrity (information and its processing methods are maintained exactly and completely) and availability (access and utilization of information and its processing systems on the part of authorized individuals, entities or processes when they are required) of the information by means of the application of the risk management process and establishing a system of controls adequate for the risks detected.
- Compliance management systems (UNE-ISO 19600): they permit organizations to demonstrate their commitment to complying with regulations, which include legal requisites, the standards of the organization and good governance, best practices, ethics, industry codes and the expectations of the interested parties in general.
Advice on the application of the Data Protection Act
We verify the applicability of all the aspects contemplated by the Data Protection Act and the regulation that develops it, we manage the submission of identified files at the Data Protection Agency, draft security documents, advise on the implementation of the security measures to be implemented and perform the audits required by Article 96 of Royal Decree 1720/2007.
Advice on the application of the Act on the Prevention of Money Laundering and the Financing of Terrorism.
We determine the scope of application of the Act, process the communication to the SEPBLAC regarding the appointment of a representative, draft the manual on the prevention of money laundering and the financing of terrorism, train personnel in an manner which is appropriate for their functions.
On the other hand, we are able to carry out the external exams required by Article 28 of Act 10/2010
Advice on the Subject of Corporate Social Responsibility.
We provide advice on the implementation of corporate social responsibility models and policies (SGE 21, ISO 26000, SA8000), the development of instruments in order to oversee them as well as the dissemination and communication thereof between the interested parties by means of the production of updates and reports according to the principal standards. (GRI, AA1000).