In response to a new technological environment where convergence between information technology and communications is facilitating a new productivity paradigm for companies, IT-Decision Telecom, is highly committed to maintaining a competitive service through offering a responsible business model based on the permanent search for economic, social and environmental balance, where the development of good practices in Information Security is essential to achieve the objectives of confidentiality, integrity, availability and legality of all managed information.
Consequently, IT-Decision Telecom defines the following principles of application to be taken into account in the framework of the Information Security Management System (ISMS):
IT-Decision Telecom for the correct performance of its business functions is based and helps in the treatment of different types of data and information, supported by systems, programs, communications infrastructure, files, databases, files, etc., constituting these , one of the main assets of IT-Decision Telecom, in such a way that their damage or loss affects the performance of their services and can jeopardize the continuity of the organization. So that this does not happen, an Information Security Policy has been designed whose main purposes are:
The Management of IT-Decision Telecom assumes responsibility for supporting and promoting the establishment of the necessary organizational, technical and control measures to comply with this Information Security Policy. As well as, to provide those resources that are necessary to resolve as quickly and efficiently as possible, the nonconformities and incidents of information security that may arise, and the implementation of the necessary measures so that they do not return to occur.
This Policy will be maintained, updated and appropriate for the purposes of the organization, aligning with the organization’s risk management context. For this purpose it will be reviewed at planned intervals or whenever there are significant changes, in order to ensure that its suitability, adequacy and effectiveness are maintained.
Similarly, a formally defined risk assessment procedure is established to manage the risks that IT-Decision Telecom faces.
For its part, all policies and procedures included in the ISMS will be reviewed, approved and promoted by the IT-Decision Telecom Management.