Eye with blue light

Information Security Policy

ISO 27001

The general objective of the Information Security Policy (ISP) is to establish a set of principles in the field of Information Security that allow compliance with the following guidelines:

- Define strategic guidelines at the corporate level that support the implementation of best information security practices, ensuring alignment with business requirements and legal, regulatory and technical information security requirements;

- Ensure the implementation and continuous improvement of a certifiable Information Security Management System (ISMS) in accordance with ISO 27001, namely: Defining the governance and operation model of the ISMS in terms of organization, functions, responsibilities, policies and associated processes;

- Sensitize all stakeholders to the importance of Information Security, constituting a reference guide that facilitates the implementation of requirements and minimize the risk of information security incidents;

- Know, manage, classify and treat information assets according to the strategic principles of information security;

- Manage information security risks periodically by identifying, assessing and defining noesis information security risk ecosystem mitigation strategies;

- Establish mechanisms to ensure the control of logical and physical access to information assets;

- Ensure that known security incidents are reported, thus allowing their treatment and continuous improvement of Noesis' response capabilities;

- Establish mechanisms to ensure the continuity of their security management services of business support infrastructures even following serious information security incidents.

Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.