ACTICA Information Quality and Security Policy

ACTICA is responsible for designing and integrating quality technological systems and services in compliance with applicable requirements, protecting information and services of the organization and third parties from internal and external threats, whether deliberate or accidental; This through focus on our customers and continuous improvement”

a) Policies for Information Security

ACTICA’s Senior Management prioritizes Information Security in the execution of its activities, by protecting information assets, critical infrastructure and support, including the proper use of third-party information and in accordance with applicable laws.

All information must have a responsible person who must ensure that it is created, processed, stored, distributed or deleted according to established policies.

All information and related assets identified as critical should be made a risks analysis of possible threats or vulnerabilities and determine the activities for their treatment according to their probability and severity.

All information within the Management System must be treated according to its classification and level of access, according to established policies.

Information controllers or Information Systems shall control and restrict access to authorized personnel and partners so that they can only view the confidential information required, in accordance with information security policies. Access to confidential information will be limited only to staff and associates who have a specific need to view or use that information.

No information will be made available to third parties without the written consent of the owners of the information.

All responsibilities for Information Security have been assigned to the different roles as described in the established policies.

The Personal Data must be treated in accordance with the Federal Law of Protection of Personal Data held by Individuals.

b) Particular Policies of Information Security
  • Information Security Organization Policy
  • Human Resources Security Policy
  • Asset Management Policy
  • Access Control Policy
  • Cryptography Policy
  • Physical and Environmental Safety Policy
  • Security Policy in Operations
  • Communications Security Policy
  • Supplier Relations Policy
  • Information Security Incident Management Policy
  • Information Security Aspects Policy in Business Continuity Management
  • Compliance Policy