Security policy

Security Policy.

The purpose of this Information Security Policy is to protect the information assets involved in the services provided by Enersegur. It is Enersegur’s policy to ensure that:.

• The information is protected against loss of availability, confidentiality, and integrity.

 

• Business requirements regarding information security and information systems are met.

 

• Applicable legal requirements are met.

 

• The Security Committee assesses the information assets available to Enersegur, from which risk analysis and subsequently risk management will be derived. Both the analysis and risk management will be reviewed annually by Management, which will decide whether a new analysis and risk management process should be carried out. The risks to be addressed will be reflected in the Security Plan.

 

• Security incidents are reported and handled appropriately.

 

• Procedures are established to comply with the Security Policy.

 

• The Security Officer will be responsible for maintaining this policy, the management manual, and the procedures, as well as providing support in their implementation. In addition, they will oversee and verify compliance with the Security Plan corresponding to that year.

 

• Each employee is responsible for complying with this Policy and its procedures as applicable to their job role.

 

• This policy has been approved by Enersegur’s Security Committee and will be reviewed annually.

 

• It is Enersegur’s policy to implement, maintain, and monitor the ISMS.