Information Security Policy

Introduction

The organization’s Security Policy reflects the security concepts, principles, responsibilities and objectives, the results of which allow the company to guarantee the necessary freedom of action. Kurago Software is a center of excellence in the sheet metal sector. Our vocation is to be a reference in everything related to software engineering. We cover the entire product life cycle from ideation to implementation of customized solutions and their maintenance and updating. We develop systems capable of providing agility and accelerating industrial production.

The objective pursued by Kurago Software with this policy is to protect the people working in the company, the confidentiality of their communications, the integrity of their information and availability. It also safeguards the other assets that make up the company’s assets, such as facilities or contents of all kinds.

Integral Security includes the traditional concepts of physical security and logical (technological) security in order to maintain business continuity in the face of any adverse circumstance.

Kurago Software advocates a “culture of security” in the company’s personnel, providing clear benefits by increasing the security of systems and procedures, and minimizing the risk of potential malicious actions.
It is essential that all information concerning security issues flows through the appropriate channels to the company’s decision-making bodies.

Guiding Principles

  • Integration. Global Security is an integrated process aligned with the business, in which the entire company participates.
  • Profitability. Security is guided by business criteria, considering the relationship between expenditure and investment. Its criteria are set centrally, taking advantage of any existing synergies. This management allows for an overall reduction in expenditure and a better
  • return on the effort applied to security.
  • Continuity. Security must be present throughout its work cycle: protection, prevention, detection, response and recovery.
  • Adequacy. The means employed must be adapted to the business environment. Among other factors, competition with other companies, social, political and economic upheavals, amateur or professional hacking, etc. stand out for their impact on the business and on the organization’s security levels.

Objectives

  • Achieve and maintain the level of security required to adequately guarantee business continuity, even in adverse situations.
  • Increase the integration and mutual support of the physical and logical aspects of security.
  • Collaborate in the management of the other security disciplines, including labor and environmental aspects, attending to the criteria that enhance Corporate Social Responsibility.
  • Establish the corporate safety structure defined by the organization’s decision-making bodies and create the appropriate communication channels between all those involved.
  • Comply with official safety regulations and other requirements.
  • Establish and implement Safety Training and Dissemination Plans to improve staff training.
  • Express commitment to continuous improvement.
  • Integrate the different departments of the company in a safety management system that, under common criteria, takes advantage of synergies and achieves consistency in resources and actions.
  • All personnel of the organization will know and apply the regulations that develop this Safety Policy.

Non conformity

Failure to comply with any of the limits defined by this Policy may result in a financial impact for the employee or disciplinary sanctions, if applicable.