The Top Management of Stefanini recognizes the importance of identifying and protecting the information assets of the organization, avoiding destruction, improper disclosure, improper modification or unauthorized use of any information relating to its customers, employees, pricing, strategy, management, or other related concepts.
Stefanini is therefore committed to develop, implement, maintain and continually improve the Information Security Management System (ISMS ) in order to ensure the confidentiality, availability and integrity of information. In the event of non-compliance with the Information Security Policy, Stefanini will take appropriate actions to correct.
To achieve this goal, Stefanini:
Establishes annual objectives in relation to Information Security.
Ensures the identification and fulfillment of business requirements, contractual, legal and regulatory obligations of security.
Develops a process of risk analysis, and, according to its results, implements the appropriate actions in order to address risks that are deemed unacceptable based on criteria established in the Risks Identification and Assessment process.