Information Security Policy

SISTEPLANT is a leading service company in the industrial engineering and organization sector, and our mission is to actively help our customers prosper using innovative organization techniques and the most advanced information and manufacturing technologies. We dream, innovate and accept challenges.

Our mission is to actively help our customers thrive using innovative organizational techniques and advanced information and manufacturing technologies.

The fundamental objectives of our information security management system are:

• Protect information assets according to their value or importance.
• Guarantee the confidentiality, availability and integrity of the information.
• Manage identified risks diligently.
• Preserve the privacy of customers, employees, suppliers and third parties.
• Ensure compliance with applicable requirements, especially legal ones.
• Continuously improve the information security system.

To achieve these general objectives, the Management of this company assumes the firm commitment to optimize its information security policy based on the following factors:

• Risk Prevention: Establish the necessary guidelines and means in terms of risk prevention with the fundamental objective of eliminating or mitigating them
• Commitment to environmental protection: Reduce and prevent environmental impacts generated by our activities, products or services.  
• Legal Requirements: Understand the legal requirements and other types of requirements specified by our clients as a set of minimums to be met.
• Dissemination: Disseminate and promote the improvement of information security.  
• Stakeholders: Joint participation with all our STAKEHOLDERS for an improvement of information security.  
• Training: Constant training of all our professionals, in technical knowledge, and skills, encouraging their participation and commitment to this policy, the improvement of the system and information security.   
• Monitoring: Establish indicators at all levels that allow us to make evidence-based decisions.  
• Continuous improvement: Establish and periodically review objectives and goals, which provide a reference framework for the continuous improvement of processes and sustainable development.   
• Analyze: Analyzes and evaluates deviations that may occur in information security and establish the necessary corrective actions and opportunities for improvement.  
• Integrated system: Participatory elaboration of all groups of the organization, at all levels, being aware of the contribution to the objectives of the system and the repercussions of non-compliance.

Last updated: April 16, 2023