{"id":836,"date":"2022-04-22T10:22:13","date_gmt":"2022-04-22T10:22:13","guid":{"rendered":"https:\/\/exceltic.serquo.com\/?page_id=836"},"modified":"2025-05-19T11:59:56","modified_gmt":"2025-05-19T09:59:56","slug":"politica-de-seguridad-de-la-informacion","status":"publish","type":"page","link":"https:\/\/exceltic.com\/en\/information-security-policy\/","title":{"rendered":"Information security policy"},"content":{"rendered":"<p>The Management of Exceltic <strong>identifies and protects its information assets and those of its Customers, <\/strong>ensuring internal business continuity and continuity in the services provided to our customers.<\/p>\n\n\n\n<p>Our strategy is based on prevention: minimising the risk of damage by preventing security incidents, as well as reducing their potential impact when they are unavoidable, whether they occur deliberately or accidentally.<\/p>\n\n\n\n<p class=\"has-secondary-color has-text-color\">Objective<\/p>\n\n\n\n<p>Information must always be protected, regardless of how it is shared, communicated or stored. It must be preserved and secured:<\/p>\n\n\n\n<ul>\n<li>Its <u><strong>confidentiality<\/strong><\/u>, ensuring that only those who are authorised can access the information, avoiding destruction, disclosure, modification and unauthorised use, especially that related to the personal data of employees, customers and suppliers.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Its <u><strong>completeness<\/strong><\/u>, ensuring that the information and its processing methods are accurate and complete, based on its classification by use (internal\/external).<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Its <u><strong>availability<\/strong><\/u>, ensuring that authorised users have access to the information and its associated assets when they require it and can meet the relevant timescales of the development of critical business processes and the agreed deadlines of the services provided.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Its <u><strong>compliance with regulations<\/strong><\/u>, laws and regulations in force, especially the data protection law.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-secondary-color has-text-color\">Security Principles:<\/p>\n\n\n\n<ul>\n<li>Information Security objectives shall be set annually.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>The organisation will use a risk management methodology to regularly analyse, assess, treat and monitor the exposure of our significant assets to threats that may exploit vulnerabilities and introduce adverse impacts on our internal activities and the performance of services to our customers.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Corresponding controls will be established in accordance with the risk needs arising from the risk analysis process managed.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Means shall be put in place to ensure business continuity and continuity plans shall be maintained, tested and updated at least annually.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>All staff shall be informed and held accountable for information security as relevant to the performance of their work. Security training shall be sufficiently complied with and updated for all employees.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>All staff shall be informed and held accountable for information security as relevant to the performance of their work. Security training shall be sufficiently complied with and updated for all employees.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Business, legal or regulatory requirements and contractual safety obligations shall be complied with.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>The entire Management System, including this policy, shall be regularly reviewed at planned intervals or if significant changes occur, to ensure its continuing suitability, effectiveness and efficiency.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>The company is committed to continuous improvement of information security management, identifying and establishing opportunities for improvement, as well as corrective actions to mitigate the deficiencies found.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-secondary-color has-text-color\">Responsibilities<\/p>\n\n\n\n<ul>\n<li>The management team is responsible for ensuring that information security is properly managed throughout the organisation.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Each manager is responsible for ensuring that the people under his or her control protect information in accordance with the standards set by the organisation.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>The security officer advises the management team, provides expert support to the organisation's staff and ensures that information security status reports are available. He\/she also protects communication systems and the internal network, equipping security systems with the necessary elements to protect information.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Each staff member has the responsibility to maintain the security of information within their work-related activities and not to disclose or directly use information to which they have access in the course of their employment with EXCELTIC.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Ensure that all employees or contracted third parties understand their responsibilities and properly perform their roles in ensuring Exceltic's Information Security.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Any non-compliance with laws, legal, regulatory or contractual obligations and safety requirements shall be avoided.<\/li>\n<\/ul>\n\n\n\n<ul>\n<li>Compliance with this policy and any procedure or documentation included in the IMS is mandatory and concerns all staff of the organisation. Visitors and external personnel accessing our facilities are not exempt from compliance with the obligations indicated, and internal personnel will observe compliance.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-text-align-right\">In Madrid, 16 December 2019<\/p>\n\n\n\n<p class=\"has-text-align-right\">Mr. Jos\u00e9 Antonio Su\u00e1rez and Mr. Eduardo Requejo<\/p>\n\n\n\n<p class=\"has-text-align-right\">Directorate-General for <strong>EXCELTIC<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-css-opacity\"\/>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-1 wp-block-columns-is-layout-flex\" style=\"padding-top:50px\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"padding-right:0px;flex-basis:120px\">\n<figure class=\"wp-block-image aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/exceltic.com\/wp-content\/uploads\/2022\/05\/ISO-27001_Exceltic-1.png\" alt=\"\" class=\"wp-image-1256\" width=\"111\" height=\"183\" srcset=\"https:\/\/exceltic.com\/wp-content\/uploads\/2022\/05\/ISO-27001_Exceltic-1.png 282w, https:\/\/exceltic.com\/wp-content\/uploads\/2022\/05\/ISO-27001_Exceltic-1-182x300.png 182w, https:\/\/exceltic.com\/wp-content\/uploads\/2022\/05\/ISO-27001_Exceltic-1-7x12.png 7w\" sizes=\"(max-width: 111px) 100vw, 111px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p><strong>EXCELTIC S.L. holds the Information Security Management System certificate under the UNE-EN ISO 27001:2013 Standard for the activity of:<\/strong> <strong>Technical Assistance Engineering Services and Development of Technology Projects<\/strong><\/p>\n\n\n\n<p>Last updated: 10 December 2021<\/p>\n<\/div>\n<\/div>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>Exceltic's management identifies and protects its information assets and those of its Clients, ensuring internal business continuity and continuity in the services provided to our Clients. Our strategy is based on prevention: minimising the risk of damage by preventing security incidents, as well as by [...]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"politica-de-seguridad-de-la-informacion","meta":{"footnotes":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.7.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Pol\u00edtica de seguridad de la informaci\u00f3n -<\/title>\n<meta name=\"robots\" content=\"noindex, nofollow\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pol\u00edtica de seguridad de la informaci\u00f3n -\" \/>\n<meta property=\"og:description\" content=\"La Direcci\u00f3n de Exceltic identifica y protege sus activos de informaci\u00f3n y la de sus Clientes, asegurando la continuidad interna del negocio y la continuidad en los servicios prestados a nuestros Clientes. Nuestra estrategia est\u00e1 basada en la prevenci\u00f3n: reducir al m\u00ednimo el riesgo de da\u00f1o mediante la prevenci\u00f3n de incidentes de seguridad, as\u00ed como [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/exceltic.com\/en\/information-security-policy\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/exceltic\/\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-19T09:59:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/exceltic.com\/wp-content\/uploads\/2022\/05\/ISO-27001_Exceltic-1.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@exceltic\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/\",\"url\":\"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/\",\"name\":\"Pol\u00edtica de seguridad de la informaci\u00f3n -\",\"isPartOf\":{\"@id\":\"https:\/\/exceltic.com\/#website\"},\"datePublished\":\"2022-04-22T10:22:13+00:00\",\"dateModified\":\"2025-05-19T09:59:56+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\/\/exceltic.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Pol\u00edtica de seguridad de la informaci\u00f3n\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/exceltic.com\/#website\",\"url\":\"https:\/\/exceltic.com\/\",\"name\":\"\",\"description\":\"Ingenier\u00eda y Consultor\u00eda\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/exceltic.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pol\u00edtica de seguridad de la informaci\u00f3n -","robots":{"index":"noindex","follow":"nofollow"},"og_locale":"en_GB","og_type":"article","og_title":"Pol\u00edtica de seguridad de la informaci\u00f3n -","og_description":"La Direcci\u00f3n de Exceltic identifica y protege sus activos de informaci\u00f3n y la de sus Clientes, asegurando la continuidad interna del negocio y la continuidad en los servicios prestados a nuestros Clientes. Nuestra estrategia est\u00e1 basada en la prevenci\u00f3n: reducir al m\u00ednimo el riesgo de da\u00f1o mediante la prevenci\u00f3n de incidentes de seguridad, as\u00ed como [&hellip;]","og_url":"https:\/\/exceltic.com\/en\/information-security-policy\/","article_publisher":"https:\/\/www.facebook.com\/exceltic\/","article_modified_time":"2025-05-19T09:59:56+00:00","og_image":[{"url":"https:\/\/exceltic.com\/wp-content\/uploads\/2022\/05\/ISO-27001_Exceltic-1.png"}],"twitter_card":"summary_large_image","twitter_site":"@exceltic","twitter_misc":{"Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/","url":"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/","name":"Pol\u00edtica de seguridad de la informaci\u00f3n -","isPartOf":{"@id":"https:\/\/exceltic.com\/#website"},"datePublished":"2022-04-22T10:22:13+00:00","dateModified":"2025-05-19T09:59:56+00:00","breadcrumb":{"@id":"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/exceltic.com\/politica-de-seguridad-de-la-informacion\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/exceltic.com\/"},{"@type":"ListItem","position":2,"name":"Pol\u00edtica de seguridad de la informaci\u00f3n"}]},{"@type":"WebSite","@id":"https:\/\/exceltic.com\/#website","url":"https:\/\/exceltic.com\/","name":"","description":"Ingenier\u00eda y Consultor\u00eda","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/exceltic.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"}]}},"_links":{"self":[{"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/pages\/836"}],"collection":[{"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/comments?post=836"}],"version-history":[{"count":6,"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/pages\/836\/revisions"}],"predecessor-version":[{"id":2406,"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/pages\/836\/revisions\/2406"}],"wp:attachment":[{"href":"https:\/\/exceltic.com\/en\/wp-json\/wp\/v2\/media?parent=836"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}