Information Security, understood as the preservation of its confidentiality, integrity and availability, and that of the systems involved in its processing, is considered essential for the achievement of IDE’s strategies and goals.
Thus, it is necessary to know, assess and address in an orderly manner the risks to which the information is subject, in order to:
- Establish policies, procedures and controls in relation to the information security and business objectives.
- Observe and measure the indicators associated with the risks and controls.
- Always maintain the risk below the company’s acceptable level.
- Establish and manage the Business Continuity Plan, as an essential tool for maintaining the efficient management of information security and completing the cycle through continuous improvement.
IDE’s management understands Information Security as a process which must be fully integrated in the other business processes of the company and, as such, actively participates in the definition, monitoring, review and control of Information Security policies, procedures, instructions, records, objectives and controls to guarantee its constant improvement and business continuity.
IDE’s management undertakes to provide the company with the necessary resources for the correct implementation, development, maintenance and monitoring of business continuity and information security management.
IDE is actively committed to the compliance of the applicable legislation to which the company is obliged. Thus, it is aware of and abides by the applicable legislation on information security and the protection of personal data, and extends this our commitment to all members of staff and interested parties.
IDE staff awareness about and knowledge of Information Security and personal data protection, and the reporting of security incidents to those responsible for its management, is essential for the correct operation of the systems which support information in the company.
IDE carries out regular training and awareness activities in this area, considering these to be an essential element for ensuring the correct management of the knowledge of the staff which, consequently, affects the effectiveness of the actions and elements implemented in Information Security.
June 2024
WE ARE ALL RESPONSIBLE FOR IDE SECURITY
PSI01-information-security-policy-IDE.pdf