Information Security Policy
We follow the best market practices regarding information security, having chosen the ISO 27001 standard to ensure the organization’s objectives in this regard.
Urudata S.A. is committed to protecting information based on the best information security practices available in the market. We allocate the necessary resources to ensure the integrity, confidentiality, and availability of information, complying with the organization's established standards.
All personnel are responsible for protecting the information entrusted to them and must comply with the extended policy published on our intranet.
Urudata S.A. implements controls over its information storage and transmission assets, as well as their usage practices, to ensure that information is handled in accordance with established policies.
All personnel must be aware of and accept the terms of the Information Security Management System Policy, as well as any related policies relevant to their role within the company. Failure to comply with or violating the defined policies will be considered an infraction. The severity will be determined based on the circumstances and consequences and will be assessed by the management committee.
The policies derived from this document that form the Information Security Management System of Urudata S.A. include:
• Information classification and management
• Security policies for user systems
• User identification and access management
• Privileged user operations
• Physical security
• Infrastructure administration
• Incident management
• Remote access/teleworking
• External user access
• Secure development