Information security policy
Information security policyIDC – Indicom Document Care operates in the field of IT document management and in particular in the field of “compliant conservation” and electronic invoicing. Given the nature of its activities, IDC considers information security an indispensable and indispensable factor for its corporate policy.
Particular attention is paid to issues relating to safety throughout the life cycle of the services provided, starting from negotiations with the customer and the customization of the services.
The security levels that IDC guarantees are such as to comply with the contractual clauses and current legislation, as well as capable of guaranteeing coherence and balance between: business risk, economic sustainability, results of risk analyzes and assessments, corporate policies and strategies , policies and strategies of suppliers and customers, the need to constantly adapt to the context in which we operate and to improve the effectiveness and efficiency of our processes and security controls.
Aware of the fact that its services involve the trust of its customers’ critical data and information, IDC operates according to internationally recognized security regulations.
For this reason, the necessary measures are adopted to best guarantee the integrity, confidentiality and availability of both the information assets entrusted by its customers and internal information.
All procedures and systems used serve to ensure that the basic safety requirements listed here are met:
• CONFIDENTIALITY: property of information not to be available to unauthorized individuals, entities and processes;
• INTEGRITY: property of information to be protected with regards to accuracy and completeness;
• AVAILABILITY: property of being accessible and usable, within the expected times, upon request of an authorized entity.
Additionally, other requirements that IDC intends to meet are listed here:
• protect your own and your customers’ information;
• retain its customers and staff;
• fully respond to the indications of current and binding legislation;
• increase, among its staff, the level of sensitivity and competence regarding information security and the need to follow the ethical principles and prescribed behaviors;
• improve the performance of its business processes by monitoring them.
The final responsibility for information security falls on the Management which has delegated the managers of the internal divisions to implement what is necessary.