Quality and Information Security Policy


SANDAV's Policy is oriented towards the effective fulfillment of the mission entrusted to it, providing professional technical services in information technologies:

  • Personnel selection for projects
  • Technical assistance
  • Development and maintenance of applications
  • Hosting of applications
  • Consultancy in information technologies
  • Business Intelligence consultancy
  • Cybersecurity consultancy


The Management is the highest authority of SANDAV in Information Security matters; and assumes the role of driving force in this strategy, motivating and promoting the participation of all company personnel in related activities, in preventive detection, and in taking actions for its continuous improvement.


Aware of the importance of customer satisfaction and the need to provide quality services while maintaining Information under parameters of Confidentiality, Availability, Integrity, and traceability, the Management has decided to implement an Integrated Management System, based on the guidelines of ISO 27001 and ISO 9001 standards.

For this purpose, it has been decided to promote this policy with the aim of:

  1. Adapting the organization of the company to the demands of a changing and competitive market, ensuring that the Information it handles to carry out its activity is under strict security controls.
  2. Constantly evaluating, analyzing, and improving the company's processes related to information security and for the improvement in the provision of services.
  3. Ensuring compliance with technical, regulatory, and normative requirements applicable to our activity.
  4. Providing the framework to establish Objectives based on which to achieve the continuous improvement of the integrated management system.

Madrid

MANAGEMENT



Javier Rodríguez

Rev.3 dated 08/06/2023