GRUPO ATISA’s corporate values involve pursuing objectives in the search for excellence in all areas of the organisation, so acquiring a Quality and Safety Management System is a natural consequence.

The purpose of this Management Policy for GRUPO ATISA is to disseminate the aspects defined by the Management concerning the Information Security and Quality standard in providing services.

 

1. Service Management Policy

The principles of GRUPO ATISA’s Service Management Policy are as follows:

  • Manage the provision of services carried out by the organisation to clients effectively and efficiently, in a life cycle that continuously improves the processes implemented.
  • Ensure that the requirements agreed through service level agreements (SLA’s) with clients are met and maintained.
  • Ensure that all services documented in the service catalogue within the scope of the system are managed in such a way as to guarantee compliance with deadlines, a rapid response, high quality and excellent customer satisfaction.
  • Guarantee uninterrupted service, rapid resolution of incidents and high client satisfaction.
  • Manage the risks to the organisation that may arise in providing the services included in the scope.
  • Ensure the maximum quality of the services provided, meeting the agreed deadlines and allocating the necessary human and material resources.
  • Comply with the legal requirements that affect our activity and the standards, specifications and codes applicable to our products.
  • Seek the continuous improvement of our Management Systems, evaluating the different processes annually establishing objectives, with their goals and management programmes, and defining indicators.
  • Promote internal and external communication, guaranteeing knowledge of our clients’ needs and expectations and satisfying them.
  • Promote the professionalism, specialisation and experience of its staff, enhancing the training and continuous updating of their knowledge.

 

2. Security Policy

This Security Policy establishes the guidelines and principles established by GRUPO ATISA to guarantee the protection of the information and resources used to process it and compliance with the defined security objectives. The main objectives set are those indicated below:

  • Consider security as a fundamental means of achieving the organisation’s strategic goals.
  • Ensure the Management’s commitment concerning Management concerning Information Security, in line with the business strategy, supporting the Management Committee, providing it with the necessary means and powers to carry out its functions.
  • Define, develop and implement the technical and organisational controls required to guarantee the confidentiality, integrity and availability of the information managed in Grupo Atisa.
  • Guarantee compliance with current legislation on personal data protection, intellectual property and the information society, and all applicable legal, regulatory and contractual requirements.
  • Create a “culture of security” internally, concerning all personnel, and externally, concerning the clients and suppliers of Grupo Atisa.
  • Consider Information Security as a continuous improvement process, which allows reaching more advanced levels of security increasingly.

This Policy is the reference framework for information systems security for ATISA GROUP. Guarantee to achieve the established security objectives, security regulations and procedures have been developed, detailing the technical, organisational and management measures required to ensure compliance with the guidelines set in this Policy.

 

3. Quality Policy

The principles of the Quality Management Policy are as follows:

  • Manage the provision of services carried out by the organisation to clients effectively and efficiently, giving quality service, incorporating a Quality Management System and ensuring compliance with the processes deriving from it.
  • Ensure client satisfaction, assessing their requirements, needs and expectations of our services through continuous feedback and addressing any complaints and/or suggestions that may arise during the service provision.
  • Manage the organisation’s risks that may arise in providing services, assuming the necessary actions to mitigate them.
  • Ensure the maximum quality of the services provided, meeting the agreed deadlines and allocating the necessary human and material resources.
  • Comply with the legal requirements that affect our activity and the standards, specifications, codes, and other requirements applicable to our products and services.
  • Seek the continuous improvement of our Management Systems, evaluating the different processes annually establishing objectives, with their goals and management programmes, and defining indicators.
  • Promote internal and external communication, guaranteeing knowledge of our stakeholders’ needs and expectations and satisfying them.
  • Promote the professionalism, specialisation and experience of its staff, enhancing the training and continuous updating of their knowledge.
  • Involve and raise awareness among staff to achieve excellence in all processes related to the quality of services provided by Atisa.