The Information Security Policy establishes the guidelines and principles established by ORQUIDEA TECHNOLOGY GROUP to guarantee the protection of information, as well as compliance with the defined security objectives, thus ensuring the confidentiality, integrity and availability of information systems and compliance with associated legal requirements.
Likewise, we are aware of the importance of compliance with current regulations on the protection of personal data and the implications for the company and its interested parties.
The Management of ORQUIDEA TECHNOLOGY GROUP assumes and establishes the following commitments with respect to the Information Security Management System (ISMS):
- Ensure the confidentiality, integrity and availability of information.
Comply with all applicable legal requirements.
- Ensure business continuity by developing continuity plans in accordance with recognized methodologies.
- Provide the organization with all the necessary resources for proper management of the Information Security System.
- Train and educate all employees on information security.
- Satisfy the expectations and security needs of all our stakeholders.
- Provide resources to prevent information security incidents and adequately manage the incidents that have occurred, as well as implement all the necessary measures to avoid their repetition.
- Inform all employees of their functions and security obligations and the obligation to comply.
- Continuously improve the ISMS and with it the security of the organization’s information.
- Carry out and periodically review a risk analysis based on recognized methods that allow us to establish the level of information security and protection of personal data and minimize risks through the development of specific policies, technical solutions and contractual agreements with specialized organizations.