The management of ASPA TECHNOLOGY S.L. establishes, approves, disseminates to all levels of the organization, implements, controls and reviews the Information Security policy that it considers most appropriate for the organization in order to achieve its Information Security objectives.
To achieve this, the management of ASPA TECHNOLOGY S.L. ensures that the aforementioned policy
- Is adequate to realize the purpose of the organization.
- It is the appropriate framework to establish and review the objectives of Information Security, in order to achieve them in the pre-established conditions.
- It includes a commitment to meet the needs of Confidentiality, Availability and Integrity within the scope of the organization's ISMS and to continually improve the effectiveness of the ISMS itself.
- Once the Information Security Policy has been approved, it is published in the different media available to the organization, so that all personnel are aware of it.
- Once the Information Security Policy has been approved, it is published in the different media available to the organization, so that all personnel are aware of it.
- The Information Security Policy of ASPA TECHNOLOGY S.L. is reviewed annually, to ensure its continuous adaptation to the purpose of the organization, to the nature of its activities, and as a commitment to the fulfillment of the customer's requirements and to the applicable legal or regulatory requirements.
Information Security in the provision of the service is the objective on which the activities developed by ASPA TECHNOLOGY S.L. are based.
In order to meet the objectives ASPA TECHNOLOGY S.L. is committed to
- Provide services in an optimal and efficient manner, satisfying the needs and expectations of customers and interested parties.
- Ensure that the legal and regulatory requirements applicable to the services provided by ASPA TECHNOLOGY S.L. are met.
- To continuously improve through the establishment and fulfillment of objectives that will ensure it.
- To use part of its resources in R&D&I projects, in order to achieve the objectives and priorities of the research policy, the development and the technological innovation of our company.
- To allocate the necessary resources for the achievement of the objectives of Information Security Management defined by ASPA TECHNOLOGY S.L.
- To permanently analyze the information gathered during the performance of activities, as well as that issued by customers, in order to correct and prevent failures and to improve processes and services.
- Train all employees of ASPA TECHNOLOGY S.L. in order to help us to continuously evolve through the establishment of new objectives.
- Establish a documented system to ensure compliance with the guidelines assumed here.
All ASPA TECHNOLOGY S.L. personnel must know, understand and apply this Policy, so the organization takes the appropriate measures to make it so.
To achieve these goals, ASPA TECHNOLOGY S.L. maintains an Information Security Management System based on the requirements of the ISO 27001 standard, oriented to carry out with excellence all the activities it performs.