Security Policy

Introduction

AMELIA‘s Security Policy reflects the security concepts, principles, responsibilities and objectives, the results of which enable the company to guarantee the necessary freedom of action.

The objective of AMELIA’s Integral Security is to protect the people who work in the company, the confidentiality of their communicat ions and the integrity of their information. It also safeguards the other assets that make up the company’s assets, such as its facilities and contents of all kinds.

Integrated Security comprises the traditional concepts of physical security and logical (technological) security in order to maintain business continuity in the face of any adverse circumstances.

An increased “security culture” among the company’s staff will provide clear benefits by increasing the security of systems and procedures, and minimizing the risk of potential malicious actions.

It is essential that all information concerning security issues flows through the appropriate channels to the company’s decision-making bodies.

Principles

  • Integration. Global Security is an integrated process aligned with the business, involving the entire company.
  • Profitability. Security is guided by business criteria, taking into account the relationship between expenditure and investment. Its criteria are set centrally, taking advantage of any existing synergies. This management allows for an overall reduction in expenditure and a better return on the effort applied to security.
  • Continuity. Security must be present throughout its work cycle: protection, prevention, detection, response and recovery.
  • Adequacy. The means employed must be adapted to the business environment. Among other factors, competition with other companies, social, political and economic upheavals, amateur or professional hacking, etc., stand out for their impact on the business and on the organization’s security levels.

Responsibilities

The ultimate responsibility for security lies with the management team, which is directly responsible for managing its development and implementation.

The management team shall analyze security risks and vulnerabilities that may affect the smooth running of the business and propose appropriate rules, means and measures to minimize them.

All the organization’s personnel must assume responsibility for maintaining the security of the assets in their charge, observing the security rules implemented by the management team.

Objectives

  • Achieve and maintain the level of security required to adequately ensure business continuity, even in adverse situations.
  • Increasing integration and mutual support of the physical and logical aspects of security.
  • Collaborate in the management of other safety disciplines, including labor and environmental aspects, taking into account the criteria that promote Corporate Social Responsibility.
  • Establish the corporate security structure defined by the organization’s decision-making bodies and create appropriate communication channels between all those involved.
  • Comply with official safety regulations and other requirements. Establish and implement Training and Safety Dissemination Plans to improve staff training.
  • Express commitment to continuous improvement.
  • Integrate the different departments of the company in a security management system that, under common criteria, takes advantage of synergies and achieves consistency in resources and actions.
  • All AMELIA personnel shall be familiar with and apply the regulations that develop this Security Policy.