SICE Tecnología y Sistemas, S.A. (SICE TyS) believes that Information Security must be a priority in the organization. To that end, the Board takes responsibility for the Information Security Management of the processes and activities that take place on the premises of the Head Office, and with the full participation of senior managers and staff it commits to:
- Maintain and periodically review an Information Security Management System (ISMS), according to international standard ISO 27001, whose scope is applicable to the hosting system in the data processing centers that support the smart traffic and transport system development activities, security systems, as well as internal and external control processes.
- Permanently improve the effectiveness of the ISMS implemented, applying the actions decided upon after analyzing the information security performance results and the information obtained in the audits and in the periodic reviews.
- Promote a proactive culture of improvement by managing the risks and opportunities consistent with the context and the organization’s stakeholders.
- Establish, plan and review goals consistent with this Policy, taking into account the applicable information security requirements, the results of the risk assessment and handling, and follow up on the actions that are decided upon to achieve them.
- Comply with applicable legal and contractual requirements in the area of information security.
- Guarantee the confidentiality of the information at all times.
- Ensure the integrity of the information about all the processes that manage, process and store it.
- Guarantee the availability of the information using appropriate support and business continuity measures.
- Logically and effectively manage any incident or weakness that may compromise or may have comprised the confidentiality, integrity and/or availability of the information.
- Ensure that all the staff within the scope of the ISMS have the appropriate training and awareness in the area of information security.
The Management of SICE TyS trusts that everybody in the Company understands the importance of the commitments set out, accepts them and incorporates them into their work, and that it will form part of general and daily management.