Unicaja has obtained from AENOR the certifications related to Information Security and Privacy Management (ISO/IEC 27001 and ISO/IEC 27701), which reflect the work and commitment of the institution in this area. It is the first and only financial institution to hold both AENOR certifications.
The bank has maintained its Information Security Management System certification since 2007. In addition, for the second consecutive year, it has been reinforced with a new certification, an extension of the first one, for its Information Privacy Management in the area of personal data protection in the bank.
The AENOR certification guarantees that the institution is effectively and adequately managing security and privacy in the processing of information, that it applies continuous improvements and complies with current legislation on personal data protection. In addition, it incorporates effective mechanisms and controls that contribute to implementing privacy by design and by default in data processing.
As AENOR points out, effective information security management guarantees confidentiality (ensuring that only those authorized can access the information), integrity (ensuring that the information and its processing methods are accurate and complete) and availability (ensuring that authorized users have access to the information and its associated assets when required).
The certification of the Information Security Management System contributes to promote the protection activities of their systems and information in the organizations, improving their image and generating third party confidence.
Commitment to information security
Unicaja's commitment is to offer its customers secure digital environments, which is why it works to protect their operations and all their information. Thus, the bank has the latest technology, adding high security standards to the applications and systems designed to protect customer information with the highest level of security.
AENOR certifies Unicaja's information security and privacy management system for the services of:
- Electronic Banking.
- Corporate website and promotional websites.
- Consultation services, payments, deposits and cash withdrawals at ATMs (Financial Self-Services).
- Host-based ICT operations support and back-office management services
- PoST associated services.
- Internal ICT services based on distributed systems (microcomputer environment, intranet and data ware house).