Management System Policy Statement
Audisec has an Integrated Management System certified under four standards: ISO 27001 (information security), ISO 20000 (IT service management), ISO 22301 (Business Continuity Management) and ISO 9001 (Quality Management).
The MAIN objective is to ensure the confidentiality, integrity, availability and proper management of Audisec’s IT systems and services, ensuring compliance with all applicable legal obligations and giving the best service possible to customers.
General objectives of Audisec’s policy:
- That all processing of information related to the business processes indicated in the scope is carried out safely and only by authorized personnel, as well as protect the information of the organization against possible loss of confidentiality, integrity and / or availability.
- Comply with all applicable legal requirements, as well as any other requirements agreed with customers.
- Manage the provision of the services carried out by Audisec to customers effectively and efficiently, within a life cycle that allows the continuous improvement of the processes implemented.
- Ensure that all the services indicated in the scope are managed in such a way that they guarantee compliance with deadlines, rapid response, high quality and high customer satisfaction.
- Ensure uninterrupted service, fast incident resolution and high customer satisfaction.
- Ensure the continuity of the business of all activities in accordance with the continuity requirements agreed with customers. They should be consistent with the maximum allowable downtime for each service, reflected in the business impact analysis.
Management is committed to the long-term success of the SG, providing the human, technological and economic resources necessary for its efficient operation and effective maintenance.
Management sets system priorities:
- The provision of an uninterrupted service within the availability margins that have been defined for each of the services in the service catalog.
- Continuous improvement of the efficiency and efficiency of the processes that support the services.
- Ensure customer satisfaction by complying with the established service level agreements.
- Manage the risks to the organization that may arise in the provision of the services included in the scope.
- Compliance with specified quality management system requirements
Policy on Criminal Risk Management and Bribery Risk Management.
Audisec, Security of Information S.L.,as part of the responsibility to formulate policies and organize internal management systems, issues this policy of the system of management of criminal risks and Management of Bribery Risks.
Audisec, Security of Information S.L, assumes a number of obligations in relation to criminal compliance and the commitment in which such obligations are assumed, respected and applied not only by the company but by all its employees and other interested parties.
Senior Management sets out the following Criminal Compliance Policy, as a sign of its commitment to comply with the requirements of this policy, the Criminal Compliance Management System and all applicable criminal legislation; as well as the commitment to the ongoing search for the continuous improvement of the company and the Criminal Compliance Management System.