INFORMATION SECURITY POLICY

Information Security Policy

The organization's Management recognizes the importance of identifying and protecting the organization’s information assets. To this end, it will prevent the destruction, disclosure, modification, and unauthorized use of all information, committing to develop, implement, maintain, and continually improve an Information Security Management System.

The organization's Management declares compliance with current laws and regulations related to information security.

Information Security is characterized as the preservation of:

a) its confidentiality, ensuring that only those who are authorized can access the information;

b) its integrity, ensuring that the information and its processing methods are accurate and complete;

c) its availability, ensuring that authorized users have access to the information when needed.

Information security is achieved by implementing an appropriate set of controls, such as policies, procedures, organizational structures, software, and infrastructure. These controls must be established to ensure the organization's security objectives.

The organization will appoint an Information Security Committee, which will be responsible for guiding, implementing, and maintaining the Information Security Management System.

This Information Security Policy must be known and followed by all staff of the organization, regardless of their position or contractual situation.

It is the organization's policy to:

  • Establish annual objectives related to Information Security.
  • Develop a process for assessing and treating security risks, and based on its results, implement the corresponding corrective and preventive actions, as well as prepare and update the action plan.
  • Classify and protect information according to applicable regulations and valuation criteria based on its importance to the organization.
  • Comply with service requirements, legal or regulatory obligations, and contractual security commitments.
  • Provide awareness and training in information security to all staff.
  • Establish that all personnel are responsible for recording and reporting confirmed or suspected security breaches, in accordance with relevant procedures.
  • Establish the necessary means to ensure the continuity of the organization’s operations.

Ready to take the first step toward a more efficient, flexible, and customer-centric logistics model?