Skip to Content
Menu
Home
Information Security Policy

Information Security Policy

Process Control Management recognizes the importance of identifying and protecting its information assets, whether owned by the company or by third parties, preventing unauthorized destruction, disclosure, modification, and use.

To this end, our company is committed to developing, implementing, maintaining, and continually improving an Information Security Management System.

Information Security is defined as the preservation of:

  • Confidentiality: ensuring that access to information is granted only to those who are authorized.
  • Integrity: ensuring that information and its processing methods are accurate and complete.
  • Availability: ensuring that authorized users have access to information and associated assets when required.

Information security is achieved by implementing a suitable set of controls, such as policies, procedures, organizational structures, training, software, and infrastructure. 

These controls are established to ensure that Process Control's specific security objectives are met.

Process Control defines and assigns all responsibilities regarding information security to ensure that the Information Security Management System complies with best practice standards.

It is Process Control policy:

  • Establish annual objectives related to Information Security.
  • Develop a process for assessing and addressing information security risks, and based on the results, implement appropriate actions to address unacceptable risks and ensure continuous improvement. 
  • Classify and protect information in accordance with current regulations and the criteria established by Management. 
  • Comply with service, legal or regulatory requirements and contractual security obligations.
  • Provide information security awareness and training to all staff.
  • Establish that all personnel are responsible for reporting security violations, confirmed or suspected, in accordance with the relevant procedures.
  • To penalize any violation of this policy and any policy or procedure related to information security.
  • Establish the necessary means to guarantee the continuity of Process Control operations.