The overall Information Security objective of KENMEI TECHNOLOGIES S.L. (hereinafter KENMEI) is to ensure business continuity, information protection and the quality of the services offered to our customers by minimizing security and business risks, through the prevention of security incidents, as well as the reduction of their potential impact when unavoidable.
To achieve this objective, KENMEI has developed a risk management methodology that allows us to regularly analyze the degree of exposure of our important assets to threats that may exploit certain vulnerabilities and introduce adverse impacts to the activities of our personnel or to KENMEI's important processes.
The main purpose of Information Security at KENMEI TECHNOLOGIES S.L., hereafter known as KENMEI, is to ensure business continuity, safeguard information and maintain excellence in the services we provide to our customers, while reducing security and business risks to a minimum. This is achieved by preventing security incidents and, should they occur, minimizing their potential impact.
To achieve this goal, KENMEI has put in place a risk management strategy that allows us to regularly review the degree of exposure of our critical assets to potential threats, which could exploit weaknesses and generate adverse impacts on both our team and KENMEI's vital processes.
This policy supports KENMEI's general personal data protection and information security policy and the rest of the ISMS policies and procedures that support services related to products and services oriented to the automation of processes for the management of mobile networks based on the management of massive network data and artificial intelligence techniques.
Senior Management has the duty to ensure and provide the necessary resources so that information security is properly managed throughout the organization.
The security manager has the task of reviewing and approving the different strategies and procedures related to information security, ensuring their quality and effectiveness. In addition, he/she provides expert advice to the organization's personnel.
Each member of KENMEI must ensure that information security is preserved in the activities related to his or her function.
INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
Ensuring and protecting the protection of information is a strategic and fundamental priority to offer our services, thus guaranteeing the confidentiality, integrity, and availability of both our information and that of our clients.
To achieve the objectives, the Management will provide the appropriate resources to preserve and optimize the ISMS. It is directly involved in the definition, monitoring and evaluation of strategic objectives, and performs the required training on information security issues.
KENMEI's Management will assume responsibility for managing the main risks related to information security and the continuity of procedures that are essential to the entity.
Establish, elaborate and implement the technical and organizational measures required to ensure the Confidentiality, Integrity and Availability of the information handled at KENMEI.
Provide services in compliance with legal and contractual requirements, recognizing the laws relevant to the business activity addressed and included in the scope of the ISMS.
Ensure the satisfaction of our customers by customizing services and ensuring the protection of information.
Establish safety training criteria, and offer specialized training to stakeholders through structured programs, ensuring that they are prepared and updated on industry best practices.
Foster a "culture of safety" by training our personal in awareness and responsibility, establishing relationships of trust and transparency with clients and suppliers and ensuring safe practices throughout the value chain.
Design Information Continuity plans to guarantee recovery in the shortest possible time and minimize data loss in the event of disasters or incidents.
Reduce information security risks by implementing proactive and reactive response plans to potential incidents, ensuring agile and effective action.
Incorporate security-focused coding principles during software development to ensure a robust design that minimizes vulnerabilities and strengthens its resilience to potential threats.
Treat the Information Security Management System as a constantly evolving cycle, conducting regular assessments to achieve progressively more advanced levels of information security maturity.
Compliance with this policy, as well as with the information security policy and any procedure or documentation included in the ISMS documentation repository, is mandatory.