Security Policy
Information Security Policy
Madrid, 16 January 2025. Version 1.
In a technological environment where the convergence between computing and communications is enabling a new productivity paradigm for businesses, it is very important that users of the corporate information system have a guide of best practices to achieve the objectives of confidentiality, integrity, availability and legality of all managed Information.
- Confidentiality: Information processed by Diverger shall be known exclusively by authorised persons, following prior identification, at the time and through the means enabled.
- Integrity: Information processed by Diverger shall be complete, accurate and valid.
- Availability: Information processed by Diverger shall be accessible and used by authorised and identified users at all times, its permanence being guaranteed against any eventuality.
- Legality: Diverger shall guarantee compliance with all applicable legislation. In particular, the regulations in force relating to the processing of personal data.
The General Management of Diverger assumes responsibility for supporting and promoting the establishment of the organisational, technical and control measures necessary for compliance with the security guidelines described herein, in order to establish a framework of continuous improvement of the Organisation's information security. Accordingly, Diverger has defined a set of internal rules that all users of the information system must comply with.
This Security Policy shall be maintained, updated and adapted to the purposes of the organisation, aligning with the organisation's strategic risk management context. To this end, it shall be reviewed at planned intervals or whenever significant changes occur, in order to ensure that its suitability, adequacy and effectiveness are maintained. Likewise, to manage the risks faced by Diverger, a formally defined risk assessment procedure is established.