Quality and Information Security Policy.
Vizzuality specializes in software development, design, and data engineering consultancy.
As such, we have implemented a quality and information security management system to achieve client satisfaction through established processes grounded in continuous improvement. We ensure the continuity of information systems, minimize risks, and guarantee the achievement of set objectives, thereby safeguarding the confidentiality, integrity, and availability of information at all times.
We commit to quality and information security by the UNE/EN-ISO 9001:2015 and ISO/IEC 27001:2022 standards to achieve this.
The management establishes the following principles:
- Leadership and competence from management are a commitment to developing the quality and information security management system.
- Identify internal and external stakeholders involved in the quality management system and fulfil their requirements.
- Understand the organization's context and determine its opportunities and risks. This will serve as a basis for planning actions to address, manage, or mitigate them.
- Ensure client satisfaction, including stakeholders affected by the company's outcomes, in all matters related to our activities and their potential societal impact.
- Set objectives and targets focused on evaluating quality performance and continuously improving activities regulated by the Management System.
- Comply with applicable laws related to our activity, commitments made to clients and stakeholders, and all the company's internal standards or guidelines.
- Ensure the confidentiality of managed data and the availability of information systems, both in services offered to clients and internal management, preventing improper alterations to the information.
- Guarantee an effective response to emergencies by restoring critical services in the shortest possible time.
- Establish appropriate measures to address risks identified through asset identification and evaluation.
- Motivate and train all employees to perform their duties correctly and to act according to the standards' requirements, providing an appropriate environment to carry out processes.
- Maintain clear and open communication both internally and with clients.
- Evaluate and ensure the technical competence of staff in performing their duties and their motivation to participate in the continuous improvement of our processes.
- Implement and maintain a continuous evaluation system for suppliers and subcontractors, particularly those involved in the ISMS, regarding their performance.
- Ensure facilities and equipment are in suitable condition and aligned with the company's activities, objectives, and targets.
- Ensure continuous analysis of all relevant processes, implementing necessary improvements based on results and established objectives.
The management endorsed these principles, providing the necessary resources and equipping employees to meet these commitments. This Quality and Information Security Policy is communicated and made publicly available.