AERIAM has implemented and maintains an information security management system, based on the ISO / IEC 27001 guidelines, certified by AENOR since December 2007. The objective is to satisfy the clients’ requirements and improve our processes, constantly improving efficiency in the management of information security in the company.
The security policy of the company is outlined in the following guidelines:
- Management personally assume responsibility for the leadership of security and it’s strategic importance
- AERIAM personnel take charge of security as one of its basic principles of action, understood as protection and a way of working that assures the confidentiality, integrity and availability of information systems.
- To guarantee confidentiality, integrity and availability in all work relating to the development of specific activities for our clients.
- Compliance to applicable legislation and regulations, as well as commit all requirements established voluntarily.
- Assure that all products designed by AERIAM and activities carried out during their design possess an increasing level of security and have passed the necessary tests in order to guarantee an acceptable level of risk.
- Guarantee that any risks taken on by AERIAM are of an acceptably low level
- To constantly request feedback from clients and employees in order to continuously improve our processes
- Guarantee the category and professionalism of all staff that work in the name of AERIAM
- To provide AERIAM personnel with a working environment that offers recognition of effort, internal promotion and professional development. Furthermore, to generate a general culture for carrying out work securely with procedures that do not raise the level of risk that AERIAM is exposed to
AERIAM aims to project an image of security and confidence to its clients, which will be measured by non-conformity communications, for the continuous improvement of the information security system.
|