1. Ethics and Integrity
  2. Information Security
  3. Volver


Ferrovial - Integrated annual report 2013 / Information Security

In 2012, Ferrovial’s Information Security Management System was certified according to standard ISO/IEC 27001.

Ferrovial has an internal information security regulatory framework (Corporate Framework for Information Security), stored on the corporate intranet, to safeguard the integrity, confidentiality and availability of the information produced and handled by and for Ferrovial.

It is based on the following basic principles:

  • Ownership of information.
  • Handling of information restricted to authorized and business purposes.
  • Adaptation to the legal framework.
  • Code of Business Ethics.

This framework is mandatory for all Ferrovial employees and partners, and applies to any kind of information that is generated, regardless of its nature and the means used for storing and transmitting it (in written or printed form, or contained in any other physical medium, digital information managed through information systems, information transmitted orally, etc.).

Ferrovial recognizes the strategic importance of its information assets and considers that the policies and procedures used to create, collect, handle, store, use, control and safeguard Ferrovial’s information are key factors for the carrying out of its activity and for its reputation.

Ferrovial also considers it essential to protect its information so that it is not destroyed, rendered unavailable, tampered with or disclosed without authorization. For this purpose, it has established a series of general practical guidelines and control mechanisms applicable both to Ferrovial’s information assets and to the systems that process and support them.

Ferrovial periodically carries out training, awarenessraising and communication actions to spread awareness of the need to protect business information.