Security policy

Given the importance of information systems, the companies of the Ferrer&Ojeda Group (hereinafter “Ferrer&Ojeda”) establish through their Management the following fundamental principles of information security:
1. Regulatory compliance: all information systems comply with the applicable legal, regulatory and industry standards that affect information security, especially those related to personal data protection, systems security, data, communications and electronic services.
2. Risk management: risks are minimized to acceptable levels and a balance is sought between security controls and the nature of the information. Security objectives are established, reviewed and consistent with information security aspects.
3. Training and awareness-raising: training, awareness-raising programs and awareness campaigns are organized for all users with access to information on information security.
4. Availability, integrity and confidentiality:
5. The availability of information is guaranteed, ensuring the continuity of the business supported by the information services through contingency plans.
6. The integrity of the information with which we work is ensured, so that it is concise and precise, with emphasis on the accuracy of both its content and the processes involved.
7. The confidentiality of the information is guaranteed, so that only authorized persons have access to it.
8. Proportionality: the implementation of controls that mitigate the security risks of the assets is done by seeking a balance between the security measures, the nature of the information and the risk.
9. Responsibility: all members of Ferrer&Ojeda are responsible for their conduct regarding information security, complying with the established rules and controls.
10. Continuous improvement: the degree of effectiveness of the security controls implemented in the organization is reviewed on a recurring basis to increase its capacity to adapt to the constant evolution of risk and the technological environment.
Consistent with the responsibility assumed and convinced that safety management is essential for the future and excellence of the company, Ferrer&Ojeda’s Management is committed to providing the necessary resources to comply with this Policy.
In accordance with this Policy, Safety Objectives are established at all levels, monitoring the degree of compliance, so that we can measure our improvement.
Likewise, Ferrer&Ojeda’s Management periodically reviews this information security management system, with the commitment to ensure its correct and effective development, continuous improvement and its adaptation to new applicable legal requirements.
Barcelona, December 20, 2020
Management

How can we help you?

Contact us or find the nearest office to your location.