LEAD RATINGS, s.l. wishes to protect its clients and business objectives by offering its workers, collaborators, suppliers and clients a safe work environment through the appropriate security measures and operational processes in the development of the activities of:
Development and provision of predictive marketing solutions
As principles to take into account:
- Preserving the confidentiality of the information and avoiding its disclosure and access by unauthorized persons.
- Maintaining the integrity of the information, ensuring its accuracy and avoiding its deterioration.
- The assurance of the availability of the solutions provided as well as of the information in all the supports and whenever it is necessary.
Information security must be flexible, effective and support the company’s business model, therefore, the Management undertakes to develop, implement, maintain and continuously improve its Information Security Management System (ISMS) with the aim of continuous improvement in the way we provide our services and in the way we treat our clients’ information.
Therefore, we establish the following guidelines:
- Establishment of objectives in relation to Information Security.
- Compliance with legal requirements and other requirements that we may subscribe to.
- Carry out training and awareness activities on Information Security processes for all staff.
- Development of the analysis, management and treatment of risk on information assets.
- Establish all the actions required to mitigate or eliminate the risks detected.
- Establish the responsibility of employees in relation to the reporting of security incidents.
- Preserve the confidentiality, integrity and availability of information assets in compliance with this policy.
- Compliance by all staff with the policies and procedures of the Information Security Management System.
The Directorate assigns responsibilities and authority to the Security Manager over the maintenance of this policy, providing advice and guidance for its implementation and corrections for deviations in its compliance, as well as in the management of the policies, procedures and activities of the ISMS.
This information security policy will always be aligned with the general policies of the company.