Aware of the importance of information security, from the direction of DIAGONAL COMPANY SERVICES & SOLUTIONS, S.L. (hereinafter referred to as DIAGONAL COMPANY) the establishment of an Information Security Management System has been promoted in accordance with the requirements of the ISO / IEC 27001 standard in order to identify, evaluate and minimize the risks to which your information is exposed and guarantee the fulfillment of the established objectives.
The Management of DIAGONAL COMPANY values especially as the main criterion for estimating its risks the assessment of the availability and confidentiality of its information and even more that of its clients. Given this, it has assumed the commitment to implement an Information Security management model, being aware that a project of such magnitude requires the effort, involvement and constant participation of all members of its organization. For this reason, a Security Committee has been established with sufficient authority to play an active role in the Information Security Management System, supervising its implementation, development and maintenance.
Compliance with this Security Policy is applicable to any employee, as well as to any external person whose activity may be affected, either directly or indirectly, by the requirements established in the system.
In order to comply with applicable regulations regarding safety in general and computer security in particular DIAGONAL COMPANY has established control mechanisms whose objectives are:
- Ensure compliance with current legislation, regulations and agreements with third parties which affects the processing of information.
- Ensure confidentiality of the data obtained and managed, ensuring the availability of information systems, both in the services offered to clients and internal management as well as ensuring the integrity of information, avoiding alterations therein.
- Ensure continuity in the operations of the company in order to allow normal operation of critical services even if some of its functions were damaged by an internal or external accident.
- Promoting competition, awareness and training in information security.
- The responsibility of employees in relation to report security breaches; preserve confidentiality, integrity and availability of information assets in compliance with this policy and enforce policies and procedures inherent Management System of Information Security.
- This security policy information will be found always aligned with the general policies of DIAGONAL COMPANY and serve as the framework to other internal management systems, such as quality policies.
In Barcelona, June 08, 2021