ENG

Dedagroup's Information Security Policy

 

Our Group aims to ensure the security of the information that it processes, protecting it against possible internal and external threats of an intentional or accidental nature that may jeopardize its availability, integrity or confidentiality. Ensuring the continuity of the services we provide is also a primary objective for us. 
Our information security policies apply to all processes of analysis, design, development and maintenance of products and services and the related data. 
Information security management is based on the following principles: 

  • assessing the level of security of the information processed in order to establish the adequate levels of protection to be ensured; 
  • adopting a risk assessment and management process; 
  • ensuring the implementation of adequate security measures of a physical, technological and organizational nature in order to provide adequate support for the pursuit of the goals of the integrity, confidentiality and availability of information;  
  • ensuring that accidents with repercussions for information security are promptly identified and properly managed through efficient prevention, communication and proactive systems in order to minimize the impact on the business; 
  • regularly identifying objectives for improving the organization relating to information security, establishing plans for achieving them and monitoring their implementation, in addition to informing all interested internal parties thereof; 
  • guaranteeing the adequacy of the Information Security Management System in the event of changes in the organization’s internal or external environment; 
  • ensuring that personnel are aware of information security policies and objectives and of their role in maintaining the efficacy of the system; 
  • ensuring that personnel are competent and adequately trained; 
  • guaranteeing the implementation of adequate security levels by suppliers, partners, etc.; 
  • monitoring and constantly improving the system’s performance and efficacy; 
  • ensuring compliance with all rules and regulations applicable to the organization and all contracts entered into, and in particular with national and European legislation governing the protection of personal data. 


The goal is to guarantee a sound level of data and information security in the design, development and provision of services by identifying, assessing and managing the risks to which they are exposed. The current security policies lay down a set of organizational, technical and procedural measures designed to ensure that company security requirements are met.

 
 
 

Do you want to know more about this topic?
Write to us, we are at your disposal.