Certifications, Standards, and Compliance

ISO 9001 is a certified quality management system (QMS) for organizations who want to demonstrate their ability to consistently provide products and services that meet the needs of their customers and other relevant stakeholders.

ISO 14001, the most current version being ISO 14001:2015, specifies the requirements for an environmental management system that an organization can use to enhance its environmental performance in a systematic manner that contributes to the environmental pillar of sustainability.

ISO 50001, the most current version being ISO 50001:2018, specifies requirements for establishing, implementing, maintaining and improving an energy management system, whose purpose is to enable an organization to follow a systematic approach in achieving continual improvement of energy performance, including efficiency, use and consumption. It has been designed to be used independently, but it can be aligned or integrated with other management systems.

An internationally recognized best practice framework that specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). ISMS is a systematic approach to managing sensitive company information including people, processes and IT systems.

The National Security Framework (ENS) is a mandatory Law for companies in the public sector and their technology suppliers, which lays down the necessary conditions to guarantee trust in the use of electronic media. It promotes the continuous security management, which is key for the digital transformation in a context of cyberthreats; at the same time it facilitates cooperation and provides an uniform set of requirements to the Industry, constituting as well a reference of good practices.

The PCI Security Standards Council offers comprehensive standards and supporting materials to enhance data security for payment cards. They include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process, including prevention, detection and appropriate reaction to security incidents.