Information Security Management System Policy
The Information Security Management System of Redsauce Engineering Services S.L. (Redsauce) aims at the fundamental goal of protecting information by providing a secure working environment for its employees, clients, and suppliers through appropriate security measures and operational processes.
The principles of our information security policy are as follows:
- Confidentiality: Information should be known exclusively by authorized personnel.
- Integrity: Information will always be complete, accurate, valid, and free from tampering.
- Availability: Information will always be accessible to authorized users at all times, and its persistence will be ensured in the face of any eventuality.
At Redsauce, we are aware that our "software quality and software development" services require adequate protection and management in order to ensure the continuity of our services and minimize potential damage caused by information security breaches.
To achieve this, we make the following commitments:
- Redsauce's ongoing commitment to information security management will be demonstrated through training and awareness programs that promote participatory management in these areas, enabling employees' skills to be used for continuous improvement of the production process and security.
- To ensure compliance with applicable laws and regulations and other requirements agreed with our clients, including those related to information security and data protection, we will comply with current legislation and regulations.
- We will comply with requirements and continuously improve the effectiveness of the Information Security Management System by implementing measurement and monitoring systems for engineering projects and security objectives.
- We will periodically conduct risk assessments based on recognized methods to determine the level of information security and minimize risks through the development of specific policies, technical solutions, and contractual agreements with specialized organizations.
- Redsauce employees will work towards achieving set objectives and will at all times comply with legal and client requirements.
- We will select employees, suppliers, and subcontractors based on information security criteria.
- Any incident or weakness that may compromise or has compromised the confidentiality, integrity, and/or availability of information must be recorded and analyzed to implement the corresponding corrective and/or preventive measures; likewise, they will be communicated to the interested parties within the corresponding deadlines.
The Management of Redsauce Engineering Services S.L.
Viladecans, March 7, 2023
