Activities
Wind Energy
Hydroelectric Projects
Hybrid Projects
Solar Energy
Biomass & Waste Management
Pumped Storage Projects
Terna Energy

INFORMATION SECURITY POLICY

ISO 27001:2013

Purpose of TERNA ENERGY SA is the implementation of a wide range of Public and Private projects. These projects feature a large budget and complex know-how, such as wind farms, photovoltaic power plants, hydroelectric projects, pumped storage projects, biogas and waste management projects, etc.

TERNA ENERGY belongs to GEK TERNA Group and is active in the field of construction of Renewable Energy Sources projects. Its strong and efficient organizational structure ensures a dominant presence in key areas of business operations.

Today, TERNA ENERGY proceeds with the completion of large and complex infrastructure projects. At the same time, based on its strong domestic base, TERNA ENERGY expands its business activities in other countries.

TERNA ENERGY is committed to the implementation of the Information Security Management System, recognizing that the active participation as well as the knowledge of both the System and its implementation philosophy are prerequisites for the achievement of the organization's objectives within the existing legal framework and the needs that are related to its activities in the business area in which it operates.

In order to ensure a security level proportional to the criticality and confidentiality of the transmitted data, as well as to maximize the reliability of the organization's data, top management has:

• established the position of an Information Security Manager, who is responsible for the maintenance and improvement of the security information system and who reports directly to the Management.

• taken into consideration all applicable regulatory and legal requirements of the country as well as the requirements arising from signed contracts with customers

• adopted and implemented a specific method of identification, evaluation and dealing with risks.

• decided the field in which the system will be implemented

• elaborated and approved the Business Continuity Plan

• trained all involved employees

• approved the level of residual risk, at regular intervals

 

For the Company, information security is not only considered as regulatory requirement, but as a key strategic tool in order to gain customer trust and a competitive advantage at a time when the largest amount of information is in electronic form.