LAMBDA AUTOMOTIVE, a company specializing in efficient solutions for the automotive industry, dedicated to software consulting and development, maintenance and support of assistance and mobility solutions, has decided to introduce an Information Security Management System based on the ISO 27001 standard. Our objective is to preserve the confidentiality, integrity and availability of the information, protect the information from a wide group of threats and ensuring the continuity of the business lines, minimizing damages and maximizing the return of the investments and the business opportunities and the continuous improvement.
The LAMBDA AUTOMOTIVE Management Team is aware that information is an asset that has a high value for the Organization and therefore requires adequate protection.
The LAMBDA AUTOMOTIVE Management Team establishes the following as basic objectives, starting point and support of the objectives and principles of information security:
- The protection of personal data and the people privacy.
- The safeguarding of the organization’s records.
- The protection of the intellectual property rights.
- The information security policy documentation.
- Assigning security responsibilities.
- Information security education and training.
- The registration of security incidents.
- Business continuity management.
- The management of changes that may occur in the company related to security.
The LAMBDA AUTOMOTIVE Management Team, through the development and introduction of this Information Security Management System, acquires the following commitments:
- Product and service development in accordance with legislative requirements, identifying the applicable laws for the business lines developed by the organization and included in the scope of the Information Security Management System.
- Establishment and fulfillment of contractual requirements with interested parties.
- Define security training requirements and provide the necessary training in this matter to the interested parties, through the establishment of training plans.
- Prevention and detection of viruses and other malicious software, through the development of specific policies and the establishment of contractual agreements with specialized organizations.
- Business continuity management, through the development of continuity plans in accordance with internationally recognized methodologies.
- Establishment of the consequences of violations of the security policy, which will be reflected in the contracts signed with interested parties, suppliers and subcontractors.
- Act at all times within the strictest professional ethics.
This Policy provides the frame of reference for the continuous improvement of the Information Security Management System as well as to establish and review the objectives of the Information Security Management System, being communicated to the entire Organization, being reviewed annually for its adequacy and extraordinarily when there are special situations and/or substantial changes in the Information Security Management System, being available to the general public.