Information Security Policy
The Management of SMARTMIND, SL, defines through this Security Policy, its commitment to implement and maintain an Information Security Management System, based on the requirements of ISO / IEC 27001: 2013.
The organization establishes an ISMS under the following scope:
“The own information systems for the training business processes in all their development modalities (face-to-face, online, distance and mixed), as well as design and creation of training content, carried out from their work centers in Vigo, Madrid and Murcia, in accordance with the current applicability document.”
The work centers referred to in the scope of the ISMS are the following:
Madrid Headquarters: Calle Riaza, 6, 1º D, 28023 Madrid
Vigo Headquarters: García Barbón 36, 3º oficina 2, 36201 Vigo
Murcia Headquarters: Avda. de Europa 15, 30007 Murcia
This scope supports all the activities developed by the organization, ensuring the continuous improvement of information security based on the following principles:
- Protection of personal data and the privacy of people.
- Protection of organizational records.
- Compliance with the legislative and contractual requirements applicable to the company’s activity in terms of security.
- Mandatory training in information security issues in the terms established in the security instruction related to human resources.
- Compliance with the controls and security measures established in the safety instructions, and the disciplinary process defined in the Workers’ Statute may be applicable, on faults and sanctions of workers, in case of intentional violations of safety.
- Communication of the security incidents detected based on the established instructions.
- Customer satisfaction, in the field of information security, meeting and exceeding their expectations, requirements and needs. To achieve compliance with the above principles, it is necessary to implement a set of security measures, both technical and organizational that guarantee the effectiveness of the efforts made. All measures taken are established through the Safety Manual, procedures and defined work instructions. All members of the organization must comply with and ensure compliance with the provisions of the ISMS. To ensure compliance with the provisions of the ISMS, the management delegates the responsibility for supervision, verification and monitoring of the system to the Security Manager, who has the necessary authority and independence and will have the appropriate resources, to guarantee the correct operation of everything defined in the ISMS. Finally, management is committed to providing the necessary means and adopting appropriate improvements throughout the Organization, to promote the prevention of risks and damage to assets, thus improving the efficiency and effectiveness of the ISMS.
Smartmind is ISO/IEC 27001:2013 certified