QUALITY AND INFORMATION SECURITY POLICY

Filedoc Software considers information an essential asset for the fulfilment of its activities.
This Policy applies to all employees, service providers, systems, processes and company facilities, as well as to all information processed, regardless of the medium.

Principles and Commitments

Filedoc promotes and implements appropriate security levels, ensuring the protection of information systems and of the information processed, stored or transmitted.
It is committed to ensuring the confidentiality, integrity and availability of information, as well as the effective management of security incidents.
It guarantees compliance with applicable legislation and regulations, contractual requirements and relevant international standards, including ISO/IEC 27001.
The company maintains a systematic process for identifying, assessing and treating risks, aligned with information security best practices.

Responsibilities

Management is responsible for communicating, implementing and enforcing this Policy.
The Information Security Officer (CISO) coordinates the Information Security Management System (ISMS).
All employees and service providers must comply with this Policy and report any detected security incidents.

General Security Rules

Filedoc ensures:
• Access to information based on the need-to-know principle.
• Protection of assets, systems and infrastructures against unauthorised access, loss or alteration.
• Appropriate use of technological resources and information.
• Security requirements applicable to suppliers and partners.
• Ongoing training and awareness in information security.

Objectives

• Reduce incidents.
• Minimise impact.
• Detect and respond quickly.

Continuous Improvement

Filedoc is committed to the continuous improvement of the ISMS, reviewing this Policy periodically or whenever relevant changes occur.