ApSIC, S.L. wants to protect its customers and business goals by offering its employees, partners, suppliers and customers a secure working environment with security measures and operating processes that are suitable for the activities of the information systems that support the information in the delivery of translation services, IT services and development and sales of software developed by ApSIC according to the currently effective statement of applicability.
These are the principles that are considered:
- Preserve confidentiality avoiding its disclosure and access by non-authorized people.
- Preserve information integrity ensuring its accuracy and avoiding damage or loss.
- Ensure information availability in any kind of media whenever need be.
Information security must be flexible, effective and be able to support the company’s business model. For this reason, ApSIC’s Management commits to develop, deploy, maintain, and continuously improve its Information Security Management System (ISMS) with regards to the procedures used when delivering our services and handling customer information.
For this purpose, we set the following guidelines:
- Setting of goals for information security.
- Compliance with legal requirements and other applicable requirements.
- Engagement in training and awareness activities for the staff in the scope of the processes of information security.
- Risk analysis, management and processing for all information assets.
- Setting the needed actions to mitigate or eliminate detected risks.
- Setting the accountability of employees to report security incidents.
- Preservation of the confidentiality, integrity and availability of all information assets.
- Compliance of the ISMS policies and procedures.
ApSIC’s Management assigns the responsibility and authority to its Security Officer for maintaining this policy, providing advice and guidance for its implementation and corrective actions against compliance issues, as well as in the management of policies, procedures and activities of the ISMS.
This security policy will be always aligned with general policies in the company.
Effective as of March 13, 2022