Information Security Policy
This information security policy is approved by Viralgen's Management in order to reinforce the awareness of all Viralgen's members about the threats that may arise. Likewise, this policy constitutes the commitment in the continuous improvement of the level of maturity in the corporate processes, with the objective of maintaining high security standards that protect the confidentiality, integrity and availability of corporate information, complying with the following guidelines:
- Confidentiality: The information processed in Viralgen will have the appropriate security measures to restrict its knowledge to previously authorized persons and minimizing the probability of suffering an unauthorized dissemination of corporate information.
- Integrity: The information stored in Viralgen's systems will not be modified in an unauthorized manner, always aiming to have complete, accurate and valid information.
- Availability: The information generated and used in Viralgen will be accessible and usable by authorized and identified users at all times, guaranteeing its restoration capacity in the event of any foreseen eventuality.
- Cross-cutting adoption: Security measures are not the sole responsibility of the IT department. It is necessary that all Viralgen employees assume their responsibility in the treatment of corporate information, complying with the security measures that directly affect them.
Viralgen's Management, through the approval of this Policy, is committed to the continuous improvement of the maturity levels of security controls, taking into account the key performance indicators that provide information on the effectiveness of the same, the state of the art of the possible threats and cyber threats that may affect Viralgen, and therefore is committed to the implementation, dissemination and support of an Information Security Management System that allows improving the following functions or pillars of cybersecurity:
- Identification: Understanding the current context, identifying potential threats that may materialize and that could be detrimental to Viralgen.
- Protection: Establishing the appropriate technical and organizational security measures to guarantee Viralgen's work, limiting or containing the impact of a possible cybersecurity event.
- Detection: Defining the appropriate activities to identify and discover the occurrence of a cybersecurity event.
- Response: Establishing the appropriate activities to take action in the event of a security incident affecting information.
- Recovery: Promoting the appropriate activities to maintain resilience plans and restore
Let’s talk
Do you want to know more about how we can help you?