QUALITY MANAGEMENT SYSTEM (QMS) POLICY - HISPASEC SISTEMAS, S.L.
1. INTRODUCTION
Hispasec Sistemas, S.L. is a private computer security company founded at the end of 1998, created by computer security experts and with cybersecurity as its only business area, focusing its work on the investigation of computer security problems and threats, which initially arose with the launch of the daily newsletter "Una-al-día", the first daily technical information service in Spanish on computer security.
Information can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by mail or using electronic media, shown on film or spoken in conversation.
During its journey Hispasec Sistemas, S.L. has developed and provided corrective and preventive solutions for all types of sectors, covering services such as consulting, auditing, training, anti-fraud, anti-phishing, anti-malware, the development of the MAIA solution, focused on Android malware, as well as the creation of VirusTotal, which was acquired by Google in 2012.
Esta experiencia, junto con el conocimiento acumulado, el know-how, la especialización y la reputación obtenida permite a Hispasec Sistemas, S.L. ofrecer servicios de una elevada calidad contrastada, donde cada cliente recibe una atención individualizada para aportarle soluciones adaptadas.
Currently, Hispasec Sistemas, S.L. has its head office in C/ Severo Ochoa, Nº 10. C.P.: 29590 - Campanillas (Málaga) - Parque Tecnológico de Andalucía (PTA) - (Spain).
2. OBJECTIVE OF THE QUALITY MANAGEMENT SYSTEM (QMS) POLICY
The purpose of the quality policy of Hispasec Sistemas, S.L. is to establish the objectives of the organization, the frame of reference for the planning, operation and improvement of the Quality Management System (QMS) and the provision of services in order to achieve an optimum degree of competitiveness within its sector.
Hispasec Sistemas, S.L. has defined the most appropriate processes for the improvement in the provision of services to its customers and the satisfaction of the expectations of interested parties, improving its processes and respecting compliance with current regulations.
Therefore, the Management of Hispasec Sistemas, S.L. through this Quality Management System Policy (QMS) expressly states its commitment to its customers to provide its services with the highest quality and safety and the establishment of a relationship of trust and full commitment.
3. SCOPE OF THE QUALITY MANAGEMENT SYSTEM (QMS) POLICY
This quality security policy applies to all Hispasec Sistemas, S.L. information systems and to all the company's staff and third parties affected within the process of providing SOC (Security Operations Center) services and computer security audits.
4. DEVELOPMENT OF THE QUALITY MANAGEMENT SYSTEM (QMS) POLICY
Hispasec Sistemas, S.L. develops a company culture, a way of working and decision making that allows:
· To create a management culture based on service quality, training and motivating personnel to provide the highest possible satisfaction to our customers.
· To ensure the satisfaction of our customers and employees by adjusting to their needs and taking their opinions and requirements into account at all times.
· To create and promote an optimal working environment, where all members of Hispasec Sistemas, S.L. contribute to provide services with the highest quality, and that represent an added value for our customers.
· To achieve high competitiveness in our markets based on the trust and loyalty of our customers and on the commitment and retention of our employees' talent.
· Work for an early identification and eradication of the sources of errors, with prevention taking priority over correction.
Thus, Hispasec Sistemas, S.L. is committed to develop, implement, maintain and continuously improve its Quality Management System (QMS) with the aim of continuous improvement in the way we provide our services.
Therefore, it is the policy of Hispasec Sistemas, S.L.:
· Generate a reference framework to establish objectives on an annual basis, as well as the general orientation of the principles of action, in relation to the processes.
· Comply with applicable legal and regulatory requirements, as well as the service level commitments acquired with customers.
· Conduct training and awareness-raising activities on quality processes for all personnel.
· Develop and operate a risk analysis, management and treatment process for the company's processes and establish actions to mitigate the risks detected.
This quality policy establishes the responsibility of employees in relation to:
· Prompt communication of incidents for their correct treatment.
· Compliance with the policies, processes and procedures inherent to the Quality Management System (QMS).
Likewise, Hispasec Sistemas, S.L., considering the performance of its suppliers as a critical aspect that affects its ability to meet the requirements established in the quality management system (QMS), establishes a series of aspects to be taken into account when applying the evaluation, selection, control, monitoring and re-evaluation of the performance of its suppliers:
· Basing the selection of suppliers on criteria of objectivity, respect and transparency, reconciling the company's interest in obtaining the best supply conditions with ethical and responsible suppliers.
· Verifying that suppliers have the capacity to comply with the requirements previously established, considering evidence of compliance with technical specifications, obtaining information security certifications, service delivery capacity, response times, compliance with the quality required in the service, resolution of general and specific demands, economic criteria, social regulations, reliability, and respect for their principles and values.
· Establishing lines of communication with suppliers on which periodic evaluations will be carried out during the execution of the service provision, and which will allow continuous improvement through the assessment of the service and the incidents produced in order to ensure their capacity to comply with the requested requirements.
It is the responsibility of the Management and the Quality Manager of Hispasec Sistemas, S.L., as those directly responsible for the maintenance of this policy in each of its areas, to provide advice and guidance for its implementation and correction in case of detected deviations.
5. REFERENCES
· UNE-EN ISO/IEC 9001:2025. Quality management systems. Requirements.
This policy has been approved and revised by the management of Hispasec Sistemas, S.L. on July 3, 2023.
© 2024 All Rights Reserved.
