Information Security Policy
SECURITY POLICY FOR THE MINISDEF PROJECT
The management of SATLINK S.L. expresses and recognizes the importance of identifying and protecting its information assets, avoiding their destruction, disclosure, modification and unauthorized use, for this it is committed to develop, implement, maintain and continuously improve an information security management system.
The scope of the information management system is:
SATELLITE COMMUNICATIONS SERVICES AND INFRASTRUCTURE IN THE GENERAL INFORMATION INFRASTRUCTURE FOR DEFENSE (I3D) OF THE MDEF.
In accordance with the scope of the ISMS:
- The management annually establishes objectives in relation to information security. there is a risk analysis and according to its result, the corresponding actions are implemented in order to treat them and have measures to reduce or eliminate them.
- It is considered essential to comply with business, legal or regulatory requirements and contractual security obligations. to this end, measures will be taken to raise awareness and train personnel involved in this project in information security, making clear to them the risks associated with the processing of information and devices.
- The management promotes an information security-oriented organizational culture and implements the necessary security measures. identifies resources, both human and material, and invests in the means to ensure the continuity of the company's business.
To this end, it is interested in keeping the regulations and procedures up to date, in order to ensure their effectiveness.
Accordingly, the information generated and managed is a key strategic asset to ensure business continuity. in this context, the information security policy is aimed at protecting the information throughout its life cycle (creation, dissemination, modification, storage, preservation and disposal), the means that enable this cycle and the people who access and/or manipulate the information, in order to ensure its integrity, availability and confidentiality.
Therefore, every employee is responsible for preserving the confidentiality, integrity and availability of information assets in compliance with this policy and the procedures inherent to the information security management system.
Management expresses the importance of complying with the requirements applicable to information security and the commitment to continuous improvement. it also conveys the importance of confidentiality, ensuring that only those authorized can access the information; integrity, ensuring that the information and its processing and archiving methods are accurate and complete; availability, ensuring that authorized users have access to the information and its associated assets when required. to this end, the management promotes the implementation of an adequate set of controls, practices, procedures, organizational structures and software functions to ensure that the company's specific security objectives are met. to this end, it delegates to the security manager the tasks inherent to the implementation of the ISO 27001 standard, in its current version, and its operation.
Madrid, March 16, 2021
Signed: The General Management