Plusnet Solutions

Quality and Information Security Policy

Our Quality and Information Security Policy sets out the principles that guide Plusnet Solutions in meeting the needs and expectations of our clients and relevant stakeholders.

Moreover, due to the nature of our activity, at Plusnet we recognize that information is a highly valuable asset for our organization. Therefore, it requires appropriate protection and management to ensure business continuity and minimize potential damages caused by Information Security breaches, particularly those concerning availability, integrity, and confidentiality.

The Core Principles of Our Integrated System Policy are:

  • Transform the company’s youthful energy into a competitive advantage by developing procedures and methods that establish a new style in the world of consulting and auditing in Information Systems Integration.
  • Provide our clients with services distinguished by their quality across all areas: contracting, delivery, interaction, and outcomes.
  • Align our commitment to achieving goals with our clients’ objectives, creating satisfied clients who are aware of the value of their choice in Plusnet. Measure client satisfaction with Plusnet on a regular basis.
  • Ensure compliance with both contractual and applicable legal requirements related to our business activities.
  • Foster the implementation of a Continuous Improvement System that allows us to prevent non-conformities and meet the expectations and requirements of our clients and other stakeholders, as well as those of our information systems.
  • Provide quality and Information Security training and awareness programs for all employees and other interested parties.
  • Establish Quality and Information Security Objectives and ensure their compliance by including them in the Company’s Annual Strategic Plan.
  • Maintain brand reputation regarding data security.
  • Properly manage the information lifecycle to prevent misuse in any of its phases.
  • Provide the necessary means to apply the Management System in accordance with the specifications established in ISO 9001:2015 and ISO 27001:2022 standards.
  • Select suppliers and subcontractors based on Quality and Information Security criteria.
  • Establish consequences for security policy violations, which will be reflected in contracts signed with interested parties, suppliers, and subcontractors.
  • Ensure business continuity by developing continuity plans in accordance with recognized methodologies.
  • Regularly perform and review risk analyses based on recognized methods, allowing us to determine the information security level and mitigate risks by developing specific policies, technical solutions, and contractual agreements with specialized organizations.
  • Fulfill our commitment to confidentiality, availability, and integrity of information for all stakeholders.

The Quality and Information Security Policy, together with our strategic positioning, ensures the growth and consolidation of our Organization. For this reason, Plusnet’s General Management is committed to promoting, supporting, and facilitating all actions aimed at achieving the established Quality and Information Security Objectives and providing all necessary resources.

Madrid, October 17, 2024