Nodus, aware that the security of information related to our customers is a valuable resource, has established an Information Security Management System in accordance with the requirements of ISO/IEC 27001:2013 to ensure the continuity of information systems and their continuous improvement, minimize damage risks and ensure the achievement of set objectives.
The objective of the Security Policy is to establish the framework for action necessary to protect information resources against threats, internal or external, deliberate or accidental, in order to ensure compliance with the confidentiality, integrity and availability of information.
The effectiveness and application of the Information Security Management System is the direct responsibility of the Information Security Committee, which is responsible for the approval, dissemination and compliance with this Security Policy. In its name and representation, a Responsible for the Information Security Management System has been appointed, who has the sufficient authority to play an active role in the Information Security Management System, supervising its implementation, development and maintenance.
The Information Security Committee will proceed to develop and approve the risk analysis methodology used in the Information Security Management System. Any person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System, is obliged to strictly comply with the Security Policy.