Information Security Management Policy

BLOCKNITIVE is a Spanish company expert in information technologies, dedicated to the "Information and Communication Technologies".design and development of computer applications for third parties"We offer creative solutions to business problems and expertise to help clients keep up to date with the latest innovations in information and communications technology, as well as apply these technologies for the benefit of their business. The company carries out tailor-made projects for each client, developing and integrating them into each client's Management System. It assumes partial or total responsibility for evolving or managing Information Systems and provides access to professionals with varying degrees of specialization and experience, capable of creating new IT solutions, as well as supporting management, operational continuity and technological evolution of new or existing platforms. It is a team with extensive experience in its area, with projects carried out in companies of the most varied sectors, sizes and complexities.

BLOCKNITIVE, aware that the security of information relating to our customers is a valuable resource, has established an Information Security Management System in accordance with the requirements of ISO/IEC 27001 to guarantee the continuity of information systems, minimize the risk of damage and ensure compliance with the objectives set.

The objective of the Security Policy is to establish the necessary framework for action to protect information resources against threats, whether internal or external, deliberate or accidental, in order to ensure compliance with the confidentiality, integrity and availability of information.

The effectiveness and application of the Information Security Management System is the direct responsibility of the Information Security Committee, which is responsible for the approval, dissemination and compliance with this Security Policy. In its name and on its behalf, an Information Security Management System Manager has been appointed, who has sufficient authority to play an active role in the Information Security Management System, supervising its implementation, development and maintenance.

The Information Security Committee shall develop and approve the risk analysis methodology used in the Information Security Management System.

Any person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System is obliged to strictly comply with the Security Policy.

BLOCKNITIVE will implement all necessary measures to comply with applicable regulations on security in general and computer security, relating to IT policy, security of buildings and facilities and the behavior of employees and third parties associated with BLOCKNITIVE in the use of computer systems. The measures necessary to ensure the security of information through the implementation of rules, procedures and controls must ensure the confidentiality, integrity and availability of information, essential for:

  • Comply with current legislation on information systems.
  • To ensure the confidentiality of the data managed by BLOCKNITIVE.
  • Ensure the availability of information systems, both in the services offered to customers and in internal management.
  • Ensure the capacity to respond to emergency situations, restoring the operation of critical services in the shortest possible time.
  • Avoid undue alterations in the information.
  • Promote information security awareness and training.