In the scope of the Certification Program based on the ISO 27001 international standard, EDP Distribuição implemented an Information Security Management System for its Mission Critical Information Infrastructure (SGSI-IIMC), which systematizes, develops and consolidates the best practices in the field of Cyber Security, representing a key contribution to compliance with the Network and Information Security (NIS) Directive and the RGPD, and is still a relevant element in Business Continuity certification (ISO 22301).
Following the top management interviews and the representatives of the 7 Organizational Units involved, and after technical inspections of the most relevant facilities (integrated supervisory center and datacenters), the auditor testified to the company's commitment and maturity in this area, as well as the solidity and compliance of the ISMS-IIMC in its various aspects. EDP Distribuição was awarded with the certification in Cybersecurity, becoming the first business unit of the EDP Group and also the first company from the national energy sector to be certified with the ISO 27001 standard.
This result was only possible with the involvement, commitment and active participation of the entire organization in the implementation and development of the ISMS-IIMC, representing the recognition of the Cybersecurity strategy that EDP Distribuição started in the last decade as a priority in its commitment to protect its networks and customers.