FIVECOMM, a company dedicated to the innovation, design, development, integration and marketing of systems, solutions and products that make use of 5G, whether with public or private networks, has decided to implement an Information Security Management System based on the ISO 27001 standard with the aim of preserving the confidentiality, integrity and availability of information, protecting it from a wide range of threats and aimed at ensuring the continuity of business lines, minimizing damage and maximizing return on investment and opportunities business and continuous improvement.
FIVECOMM Management is aware that information is an asset that has a high value for the Organization and therefore requires adequate protection.
The FIVECOMM Management establishes as basic objectives, starting point and support for the objectives and principles of information security the following:
- The protection of personal data and the privacy of individuals
- Safeguard the organization’s records
- The protection of intellectual property rights
- Information security policy documentation
- Assignment of security responsibilities
- Information security education and training
- The registry of security incidents
- Business continuity management
- The management of changes that could occur in the company related to security
The Management of FIVECOMM, through the preparation and implementation of this Information Security Management System, acquires the following commitments:
- Develop products and services in accordance with legislative requirements, identifying the laws applicable to the business lines developed by the organization and included in the scope of the Information Security Management System.
- Establishment and fulfillment of contractual requirements with the interested parties.
- Define security training requirements and provide the necessary training in this area to interested parties, by establishing training plans.
- Prevention and detection of viruses and other malicious software, through the development of specific policies and the establishment of contractual agreements with specialized organizations.
- Business continuity management, developing continuity plans in accordance with internationally recognized methodologies.
- Establishment of the consequences of violations of the security policy, which will be reflected in the contracts signed with the interested parties, suppliers and subcontractors.
- Act at all times within the strictest professional ethics.
This Policy provides the reference framework for the continuous improvement of the Information Security Management System, as well as for establishing and reviewing the objectives of the Information Security Management System, being communicated to the entire Organization and to the interested parties being reviewed for its suitability when special situations and/or substantial changes occur in the Information Security Management System.
2nd of January 2022