Integrated Policy of Management Systems ISO 27001 -20000 – 22301
Enimbos, as a supplier company of managed services for the provision, administration, management and continuity of cloud and on-premise environments, assumes its commitment to quality of service, information security and business continuity. Therefore it undertakes to ensure the proper management of information security, business continuity and IT services provided by the organization, in order to offer all Interest Groups the best guarantees for quality of these services, their continuity and security of the information used in these services. For all the above, the Management establishes the following principles:
- • Establishing goals and objectives focused on performance evaluation in the delivery of IT services, security of information and continuity, as well as the continuous improvement in our activities, regulated by the Management System that developes this policy.
• Commitment to compliance with applicable legal requirements and other requirements that the organization subscribes in addition to the commitments made to customers and the continuous updates of them.
• Establishing continuous improvement as the basis of our activities, in order to guarantee and increase the quality of services and reduce, as far as possible, their interruptions.
• Identifying potential threats as well as the impact on business operations that those threats, if realized, may cause.
• Providing a framework to increase resilience or resiliency to provide an effective response
• Ensuring a quick and efficient recovery of services, against any physical disaster or contingency that might occur that puts at risk the continuity of operations.
• Guarantee that the business continuity system aligns with the changing needs of the company, improves continuously and complies with applicable requirements
• Preserving the interests of its interested parties (customers, shareholders, employees and suppliers), reputation, brand and value-creating activities.
• Preventing incidents of information security to the extent that is technically and economically viable as well as mitigating the security risks of information generated by our activities.
• Working together with our suppliers and subcontractors in order to improve the provison of IT services, continuity of services and security of information, that have an effect on a greater efficiency of our activity.
• The maintenance of a fluid communication with a commitment to open and cordial dialogue, both internally, between the various levels of the company, as well as with customers, administrative sections, associates and other groups interested in our activities.
• Evaluating and ensuring technical competence of employees, as well as ensuring their adequate motivation for their participation in this continuous improvement of our processes, providing adequate training and internal communication to develop good practices defined in the system.
• Ensuring the correct state of the facilities and proper equipment, so that they are connected with activity, objectives and goals of the company.
• Looking after for ensuring the satisfaction of our customers, including interested parties on the results of the company, in everything referred to the development of our activities and their impact on society.
• Ensuring a continuous analysis of all relevant processes, establishing appropriate improvements in each case, depending on the results obtained and the objectives set.
These principles are assumed by the Company’s management, who has the means and provides its employees with sufficient resources for its fulfilment, translating them and putting them in the public knowledge through this Integrated Policy of Management Systems.