Information security policy stakeholders
We hereby inform our stakeholders of the existence of Information Security Guidelines established within our organization to demonstrate Excelia's commitment to protecting and guaranteeing the principles of confidentiality, integrity, and availability of the information handled within the organization. We operate under an Information Security Management System, the scope of which not only affects the use of assets but also extends to all individuals and third parties, ensuring their knowledge and compliance with these Guidelines, structured according to the ISO/IEC 27001:2013 standard. Both the Information Security Policy and Guidelines are aligned with the General Data Protection Regulation (GDPR). This security regulation impacts the following areas of the organization:
- Access to the facilities. In which access rules are regulated, with special mention of access to secure areas and regulation of access to people outside the organization.
- Access to the corporate network. Corporate resources are protected with the necessary technical security measures to ensure information protection, whether stored on-site or externally. Access to and use of information are governed by security protocols, with particular attention to sensitive or confidential data.
- Use of assets. Employees at Excelia are committed to using and caring for the equipment provided by the Organization for the performance of their duties and tasks responsibly. To this end, operating procedures are outlined and configurations are implemented to protect the information stored on these devices.
- Internet use. Special attention is paid to regulating the use of the internet, email, and cloud storage for professional purposes in order to minimize risks that may arise from unregulated use of these tools.
- Incident management. The involvement of Excelia's people in security matters helps to detect potential problems that could jeopardize the confidentiality, integrity, and availability of the services or assets they support.
- Business continuity. All the means implemented for the availability and continuity of the business are in line with the requirements of the ISO schemes certified in the organization.
- Intellectual property. Protected by the commitment of Excelia's people in accordance with the organization's confidentiality rules.
- Violation of Security Policies and Guidelines is subject to sanctions in accordance with the mechanisms enabled by current legislation.