Electricity Market Operator - SC Opcom SA focuses all its efforts and resources in order to ensure the quality of the services carried out to operate the Romanian wholesale electricity market.
SC Opcom S.A. has established, as a part of its global activity, implementation of the Quality Management System.
The quality policy is based on the following guiding principles:
Chief Executive Officer assumes the whole responsibility for the adoption of the Quality Management System and for its continuous improvement.
The entire Opcom ‘s personnel must be aware and abide by the responsibilities assigned within quality area and for the implementation of the Quality Management System in the activities, which are carried out by them.
The Information Security Policy of OPCOM S.A. is to continuously aim for the fulfillment of its responsibilities in the electricity and gas markets at national and European level, while ensuring information security at the highest standards by implementing and operating an Information Security Management System in full compliance with the international standard ISO 27001:2013, aiming at continuous improvement and certification of the organization.
OPCOM S.A. is aware that the attributes of Information Security Management - confidentiality, integrity, and availability - are integral parts of managerial functions. OPCOM S.A.’s top management treats these attributes as main and fundamental responsibilities for good organizational practices regarding the adoption of appropriate security measures, harmonized with the requirements of the international standard ISO/IEC 27001:2013.
Furthermore, OPCOM S.A., as an operator of essential services, implements the necessary measures to comply with the provisions of Law no. 362/2018 on ensuring a high common level of security of networks and information systems law which transposes Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 on measures for a high common level of security of networks and information systems in the Union (NIS Directive).
OPCOM S.A. acts for:
The responsibility for supporting and complying with this policy belongs to the entire organization, under the guidance and assistance of top management, which encourages the commitment of all personnel in addressing information security as a part of their professional skills and organizational culture.
In this sense, the management of OPCOM S.A. appointed an information security management representative, as well and a team responsible for NIS (Network and Information Security), whom, together with the work team for information security and the Security Incident Response Team, coordinate the activities of the organization regarding information security and represents OPCOM S.A. in its relationship with consultants, the certification body and interest groups or other specialized forums or professional associations in the field of information security.
Quality Management System and