The objective of the Security Policy is to set the framework for action necessary to protect information resources against threats, internal or external, deliberate or accidental, to ensure compliance with the confidentiality, integrity, and availability of information.
The effectiveness and application of the Information Security Management System is the direct responsibility of the Information Security Committee, which is responsible for the approval, dissemination, and compliance of this Security Policy. In their name and representation, a person in charge of the Information Security Management System has been appointed, who has sufficient authority to play an active role in the Information Security Management System, supervising its implementation, development, and maintenance.
The Information Security Committee will proceed to develop and approve the risk analysis methodology used in the Information Security Management System.
Any individual whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System, is obliged to strictly comply with the Security Policy.
In BUGUROO all the necessary measures will be implemented to comply with the applicable regulations on general security and computer security, related to computer policy, the security of buildings and facilities, and the behavior of employees and third parties associated with BUGUROO in the use of computer systems. The measures necessary to guarantee the security of information through the application of standards, procedures, and controls must ensure the confidentiality, integrity, availability of information, essential for:
Pablo de la Riva Ferrezuelo