Altilia Information Security and Quality Policy

The Integrated Management System is the tool through which Altilia intends to address all aspects related to Information Security and Quality, in order to ensure the confidentiality, integrity, and availability of its informational assets and business systems.

Achieving adequate levels of security allows us to mitigate and counteract losses and/or damages that may affect individuals, the company’s image and reputation, as well as economic and financial aspects. Furthermore, it ensures compliance with contractual and legislative contexts regarding service continuity and protection from significant incidents.

The Top Management has defined the following objectives for the implementation of an effective Integrated Management System:

Aspects Related to Information Security:

• Adopt and implement recognized principles and best practices to ensure Information Security and promote the acquisition of certifications that conform to international standards of reference.
• Define roles and responsibilities to be assigned to employees at all hierarchical levels, involving third parties holding key roles.
• Allocate the necessary resources to ensure the adoption of suitable measures regarding physical, logical, and organizational security, and to achieve the set objectives.
• Ensure that all cloud services activated within the company (SaaS services), supporting operational processes, guarantee adequate conditions of accessibility, protection, and data storage, in accordance with applicable regulations and company rules.
• Identify, document, and apply rules governing the use of information, assets, and tools utilized.
• Implement appropriate response and management measures in the event of occurrences that may compromise information security and normal operations.
• Develop an awareness program for staff through regular informational and training sessions.
• Commit to continuously improving and evolving the Management System by planning, executing, verifying, and continually implementing measures aimed at countering potential events that could compromise the company’s informational assets.

Aspects Related to Quality:

• Adopt and implement recognized principles and best practices to ensure the Quality of business processes and services provided, and promote the acquisition of certifications that conform to reference standards.
• Establish an Integrated Management System in compliance with UNI EN ISO 9001:2015 requirements, ensuring clients’ right to the best possible service based on quality processes.
• Allocate the necessary resources to ensure the adoption of appropriate measures regarding the quality of internal processes and customer services.
• Continuously promote the Integrated Management System through the ongoing commitment of Top Management and key stakeholders.
• Identify, document, and apply rules that regulate the provision of services according to ethical principles and continuous improvement.
• Develop an awareness program for staff through regular informational and training sessions.
• Implement appropriate response and management measures in the event of occurrences that may compromise the quality of business processes and services offered to clients.
• Ensure compliance with contractual, legislative, and regulatory requirements in both internal processes and customer-facing activities.
• Commit to continuously improving and evolving the Integrated Management System by planning, executing, verifying, and continually implementing measures aimed at countering potential events that could compromise Quality in processes and customer services.

Rende (CS) Italy, 01/07/2024