Information Security Policy

SISCOG assumes the adoption of an Information Security Policy, in its fundamental pillars, Confidentiality, Integrity and Availability, as a facilitating and differentiating factor for its products and services, and commits to maintaining and continuously improving information security.

Within this scope, SISCOG commits to the following:

• To fulfil the applicable legal and regulatory requirements related to Information Security.
• To protect the most important information assets, as the source code produced, and the information produced to or received from third parties.
• To implement the appropriate procedures to handle security incidents and to implement accountability processes for violations of internal system policies and procedures.
• To preserve, at all times, the confidentiality, integrity and availability of the relevant information related to the activity of SISCOG.
• To protect SISCOG's information from malicious agents, both internal and external, through effective and timely management of existing vulnerabilities, taking into account their risk.
• To manage the information according to this policy, through an information security management based on the analysis and appropriate management of the risks.
• To inform, promote and make employees and stakeholders aware and in compliance with the established Information Security policies and procedures.