Externalia considers that both the Information Security that it treats and the Provision of IT Services to its Customers is a fundamental part of its business and, therefore, a Management System has been developed and implemented, in accordance with the requirements of the Standards ISO / IEC 27001, ISO IEC 27701 and ISO / IEC 20000-1 as an organizational and methodological support to undertake the path of Continuous Improvement through:
- The taking of technical and organizational measures necessary to protect the availability, confidentiality and integrity of the information as well as the privacy of all personal data processing that is carried out.
- Restrict and control access to information and the means for its treatment.
- Meet the requirements of our clients regarding information security.
- Have means to prevent, manage and resolve security incidents.
- Ensure that the services are aligned with the needs of our customers and users
- Compliance with business, legal and regulatory requirements
- Provision of technically competent and properly trained staff to carry out the tasks with the required quality guarantees.
- The active participation of all staff based on the concept of self-management of the job and continuous training
- The provision of adequate material resources for the production process and in accordance with the degree of precision required.
- The establishment of the necessary measures to prevent, study and eliminate, whenever possible, the factors that may adversely affect the management of the Services
- The establishment of annual Objectives and the allocation of resources, both technical and material and human, for their realization, which guarantees the Continuous Improvement of the desired quality levels
- Improve communication between the staff involved in the provision of IT services and the clients and users of those services.
- Improve the effectiveness and efficiency of the internal processes of provision of the Services
The Management of Externalia, undertakes to lead this process and allocate the necessary resources to meet the requirements established in the Management System, meet customer requirements and achieve the objectives set.
Each employee is responsible for complying with this Policy and the requirements of the Management System as they apply to their work. Non compliance may be grounds for punishment.