Likeik, as a company dedicated to the Development and Implementation of Systems for capturing the voice of the client, openly declares its intention to offer competitive services to all its clients; for this reason, it has implemented an information security management system within the organization, the main objective of which is to achieve business objectives and the satisfaction of its customers, guaranteeing information security at all times through processes established and based on a process of continuous improvement, guaranteeing the continuity of the information systems, minimizing the risks of damage and ensuring compliance with the objectives set to ensure the confidentiality, integrity and availability of information at all times.
For this, it assumes its commitment to information security according to the reference standard ISO / IEC 27001: 2013, so that Senior Management establishes the following principles:
- Competition and leadership by senior management as a commitment to develop the Information Security Management system.
- Determine the internal and external stakeholders that are relevant to the Information Security management system and meet its requirements.
- Understand the context of the organization and determine the opportunities and risks of the same regarding information security as a basis for planning actions to address them, assume or treat them.
- To ensure the satisfaction of our clients , including those interested in the results of the company, in everything related to the performance of our activities and their impact on society. li >
- Establish objectives and goals focused on performance evaluation in Information Security, as well as continuous improvement in our activities, regulated in the System of Management that develops this policy.
- Compliance with the requirements of applicable and regulatory legislation to our activity, the commitments acquired with clients and interested parties and all those internal rules or guidelines of action to which the company is subject .
- Ensure the confidentiality of the data managed by the company and the availability of the information systems, both in the services offered to customers and in internal management, avoiding undue alterations in the information.
- Ensure the ability to respond to emergency situations , restoring the operation of critical services in the shortest possible time.
- Establish the appropriate measures for the treatment of risks derived from the identification and evaluation of assets.
- Motivate and train all personnel who work in the organization, both for the proper performance of their job and to act in accordance with the requirements imposed by the Reference Standard, providing a < strong> suitable environment for the operation of the processes.
- Maintaining fluid communication both internally, between the different levels of the company, and with customers.
- Evaluate and guarantee the technical competence of the staff for the performance of their duties, as well as ensuring their adequate motivation for their participation in the continuous improvement of our processes.
- Guarantee the correct state of the facilities and the adequate equipment , so that they correspond to the activity, objectives and goals of the company
- Guarantee continuous analysis of all the relevant processes , establishing the pertinent improvements in each case, depending on the results obtained and the established objectives. < / li>
These principles are assumed by the Senior Management, who has the necessary means and provides its employees with sufficient resources for their compliance, expressing them and making them public through this Information Security Policy.