The management of ASPA TECHNOLOGY S.L.U. establishes, approves, disseminates at all levels of the organisation, implements, monitors and reviews the Information Security policy it considers most appropriate for the organisation to achieve its Information Security objectives.

To achieve this, the management of ASPA TECHNOLOGY S.L. ensures that the aforementioned policy

• Is appropriate for achieving the purpose of the organisation.
• Provides the appropriate framework for establishing and reviewing Information Security objectives, with a view to achieving them under the pre-established conditions.
• Includes a commitment to meeting the needs of Confidentiality, Availability and Integrity within the scope of the organisation's ISMS and to continuously improving the effectiveness of the ISMS itself.
• Once the Information Security Policy has been approved, it is published through the various channels available to the organisation, for the awareness of all staff.
• It is communicated throughout the organisation, verifying that it is correctly understood at the different levels of the organisation, and subsequently implemented across the organisation.
• The Information Security policy of ASPA TECHNOLOGY S.L.U. is reviewed annually to ensure its continued suitability to the purpose of the organisation, the nature of its activities, and as a commitment to compliance with customer, legal and regulatory requirements.

Information Security in service delivery is the objective underpinning the activities carried out by ASPA TECHNOLOGY S.L.U.

To meet these objectives ASPA TECHNOLOGY S.L.U. commits to

• Providing services in an optimal and efficient manner, satisfying the needs and expectations of customers and interested parties.
• Ensuring that the legal and regulatory requirements applicable to the services provided by ASPA TECHNOLOGY S.L.U. are met.
• Continuously improving through the establishment and fulfilment of objectives that guarantee such improvement.
• Allocating part of its resources to R&D&I projects, in pursuit of the objectives and priorities of our company's research, development and technological innovation policy.
• Assigning the necessary resources to achieve the Information Security Management objectives defined by ASPA TECHNOLOGY S.L.U.
• Permanently analysing the information gathered during the performance of activities, as well as that provided by customers, in order to correct and prevent failures and improve processes and services.
• Training all employees of ASPA TECHNOLOGY S.L.U. so that they help us to continuously evolve through the establishment of new objectives.
• Establishing a documented system that ensures compliance with the guidelines assumed herein.

All staff of ASPA TECHNOLOGY S.L.U. must be aware of, understand and apply this Policy, and the organisation takes the appropriate measures to ensure this.

ASPA TECHNOLOGY S.L.U., in order to achieve these goals, maintains an Information Security Management System based on the requirements of the ISO 27001 standard, aimed at carrying out its activities with excellence.