Policy for Information Security
Implementing and maintaining a secure information management system is one of the objectives to which System Innovation s.r.l. (hereinafter also Corporate Organization) pays high attention, in view of the strategic importance of managing the security of information, IT systems and services provided for your business.
The Corporate Organization is aware that information security management is a complex cultural process that requires the involvement of all human resources present within the corporate organizational context.
System Innovation has developed for years an innovative business model with high technological content and evolving. The Company Organisation is also committed to offering advice, solutions and services for the development, integration and security of technological infrastructures by pursuing a risk-based approach and preserving confidentiality, the integrity and availability of information.
System Innovation is committed to pursuing information security and personal data protection objectives in accordance with applicable mandatory requirements.
These objectives include:
- develop and certify a management system compliant with ISO 27001:2022;
- preserve the confidentiality, integrity and availability of information, ensuring that information is not made available or disclosed to unauthorised third parties, safeguarding the accuracy and completeness of the information and ensuring the accessibility and use of the latter only to authorised parties;
- guarantee to the customer a high professionalism and competence of the Staff to offer a service and to implement better and better methods of delivery;
- to ensure that Staff and all collaborators have adequate knowledge and awareness of information security issues and are aware of their responsibility in managing information security;
- ensure that suppliers and external collaborators are aware of and comply with the security policies adopted by the Organisation;
- ensure the security of information not only within the business organization, but through their skills and knowledge, ensure professional services in support of design, development and implementation of IT solutions for technological innovation and process integration in ICT and to support the provision of professional services in ICT.
To this end, the permanent objective of System Innovation is to continuously improve the performance of its information security management system; In favour of this, preliminary assessments of risks and opportunities related to business processes, internal and external verification activities and the Management’s review are carried out.
The Company Organization also undertakes to ensure the ongoing involvement of the Staff and to review this policy to ascertain its continued suitability and applicability.
The Management undertakes to approve, formalise, disseminate and implement this information security management system policy.