Security Policy

Introduction

ZINKLAR’s Security Policy sets out the concepts, principles, responsibilities and objectives relating to security, the results of which allow the company to safeguard the freedom of action it requires.

The aim of ZINKLAR’s Integral Security is to protect all people, whether users, professionals or employees, the availability and confidentiality of their communications and the integrity of their information. It also safeguards the other assets that make up the company’s holdings, such as its facilities and content of every kind.

Integral Security encompasses the traditional concepts of physical security and logical (technological) security in order to maintain business continuity in the face of any adverse circumstance.

An increase in the “security culture” among personnel will provide clear benefits by enhancing the security of systems and procedures, and will minimize the risk of potential malicious actions. It is essential that all information concerning security matters flow through the appropriate channels, both horizontally and vertically, within the organizational unit.

Principles

  • Integration. Global Security is a process that is integrated and aligned with the business, in which the entire company takes part.
  • Cost-effectiveness. Security is guided by business criteria, taking into account the relationship between expenditure and investment. Its criteria are set centrally, taking advantage of any existing synergy. This management allows for a better return on the effort applied to security.
  • Continuity. Security must be present throughout its entire work cycle: protection, prevention, detection, response and recovery.
  • Adequacy. The means employed must be adapted to the operating environment. Among other factors, those that stand out for their impact on the business and on the organization’s security levels are competition with other companies, social, political and economic unrest, and amateur or professional “hacking”.

Responsibilities

Ultimate responsibility for security rests with the management team, which is directly responsible for managing its development and implementation.

The management team will analyze the security risks and vulnerabilities that may affect the proper functioning of the business and will propose the relevant rules, means and measures to minimize them.

All personnel in the organization must take on the responsibility of maintaining the security of the assets in their charge, observing the security rules implemented by the management team.

Objectives

  • Achieve and maintain the level of security required to adequately guarantee business continuity, even in adverse situations.
  • Increase the integration and mutual support of the physical and logical aspects of security.
  • Collaborate in the management of the other security disciplines, including labor and environmental aspects, in accordance with the criteria that strengthen Corporate Social Responsibility.
  • Establish the corporate security structure defined by the organization’s decision-making bodies and create the appropriate communication channels among all those involved.
  • Comply with official security regulations and other requirements.
  • Establish and implement Security Training and Awareness Plans to improve the training of personnel.
  • An express commitment to continuous improvement.
  • Integrate the various departments of the company into a security management system that, under common criteria, takes advantage of synergies and achieves consistency in resources and actions.
  • All ZINKLAR personnel will know and apply the rules that develop this Security Policy.