The expansion of new technologies and the opening of public networks offer Éxxita Be Circular, S.A. new channels to reach customers and establish relationships with other entities, thus increasing its business processes. However, these new technologies and relationships raise the level of risk associated with the exposure of Éxxita Be Circular, S.A.'s information and communications.
Information is considered a strategic asset of Éxxita Be Circular, S.A. . In this context, a reference framework has been established which defines the guidelines for action, through a preventive, informative, reactive and learning approach, to ensure that the integrity, availability, confidentiality, authenticity and traceability of the information of Éxxita Be Circular, S.A. and its customers cannot be compromised.
The following Information Security principles and criteria are established:
Management's commitment to the Continuous Improvement of its activities, products and services and of the Information Security System itself through data analysis.
The commitment to comply with the applicable legislation and regulations in force, as well as other information security requirements subscribed with our clients, maintaining a permanent compliance with them.
Éxxita Be Circular, S.A. assumes as a premise of its Information Security Policy the adaptation of both information systems and physical storage devices to municipal, autonomic, ministerial and regulatory bodies' rules and/or regulations.
The objective is to provide employees, customers and visitors with adequate security measures within Éxxita Be Circular, S.A.'s facilities and information systems.
The security of the information that Éxxita Be Circular, S.A. collects, processes, stores and transmits is essential to guarantee its assets and those of its shareholders.
Éxxita Be Circular, S.A. may limit access to its information, both for persons and physical or logical objects, for which an access control system has been established.
Security is an activity that is the responsibility of all employees and collaborators of Éxxita Be Circular, S.A., who must develop their activities seeking adequate protection of Éxxita Be Circular, S.A.'s assets. They must be aware of, assume and apply the safety standards and procedures.
The security of information, systems and devices that collect, process, store and transmit it, is paramount to ensure the operational continuity of the business.
In order to guarantee the Confidentiality, Integrity, Availability, Authenticity and Traceability of such information, the necessary Policies, Standards, Procedures and Security Mechanisms have been established. Therefore, it shall comply with what is described in Éxxita Be Circular, S.A.'s Internal Regulations.
Information security should be considered as part of the normal operation, being present and applied from the initial design of the processes and systems of the company.
information.
It is essential to have updated inventories of the services and information assets that support them, their responsible or owners and the associated risks; this enables the continuous analysis of these and allows the design and application of new security measures and mechanisms with the appropriate change management.
The value of the information will be known, for which classification methods will be specified according to the level of importance for the organization, developing the associated processes for its treatment, storage, transmission, declassification, access, reproduction and destruction according to its classification level.
