The Management of QUENTA SOLUTIONS, in its desire to guarantee the security of the services it provides to its clients, decided to carry out its activities in accordance with the UNE-EN ISO/IEC 270001 standard, with the following scope:

“The information systems supporting the provision of IT services: IT Service Provision: Application Monitoring, Software Asset Management, Data Analytics and IT Security, according to the current statement of applicability as of the date of issuance of the certificate”. 

Given the importance of information systems, as well as the information available for business activity, Quenta Solutions establishes the following guidelines through its Management for all employees or those who have or may have access to company information or information directly or indirectly related to the same, through the provision of their services.

Information must be given an adequate level of protection based on classification guidelines (according to its value, legal requirements, sensitivity and criticality).

Information Security takes into account compliance with current legislation and contractual requirements.

Security measures must be implemented with a risk management oriented approach, aiming at and complying with security requirements in all three dimensions (confidentiality, integrity, availability) 

Information Security is the responsibility of all Quenta personnel, who must be trained and made aware of the need to satisfactorily fulfil their responsibilities

All company personnel must maintain the confidentiality of information to which they may have access,  as well as the obligation to comply with the security standards implemented and the controls establishes

Management establishes the necessary for the effective maintenance of the Information Security Management System

Quenta’s Information Security is periodically evaluated and reviewed to contribute to the minimisation of risks and continuous improvement of the security process, and audits are carried out to guarantee the effectiveness of the Information Security Management System

This Policy must be understood, assumed and observed by all Quenta personnel and its collaborators. It shall also be available to any person interested in it.

In Madrid, 21 st December 2020.

 Managing Director de Quenta Solutions.