Security Policy

The NYMIZ Security Policy reflects the concepts, principles, responsibilities and objectives in terms of security, the results of which allow the company to guarantee the necessary freedom of action.

The objective of the Comprehensive Security of NYMIZ is to protect the people who work in the company, the confidentiality of their communications and the integrity of their information. It also looks after the other assets that make up the company’s assets, such as facilities or content of all kinds.

Comprehensive Security comprises the traditional concepts of physical security and logical (technological) security in order to maintain business continuity in any adverse circumstance.

An increase in the “culture of security” in company personnel will provide clear benefits by increasing the security of systems and procedures, and will minimize the risk of potential malicious actions.

It is essential that all information regarding security matters flows through the appropriate channels to the decision-making bodies of the company.

Principles

1. Integration. Global Security is an integrated process aligned with the business, in which the entire company participates.
2. Cost effectiveness. Security is guided by business criteria, taking into account the relationship between spending and investment. Its criteria are set centrally, taking advantage of any existing synergies. This management allows an overall reduction in spending and a better performance of the effort applied to security.
3. Continuity. Security must be present throughout its work cycle: protection, prevention, detection, response and recovery.
4. Adequacy. The means used must adapt to the business environment. Among other factors, competition with other companies, social, political and economic disorders, amateur or professional “hacking” stand out for their impact on the business and on the organization’s security levels…

Responsibilities

1. The ultimate responsibility for security corresponds to the management team, which is directly responsible for managing its development and implementation.
2. The management team will analyze the risks and vulnerabilities in terms of security that may affect the proper functioning of the business and will propose the appropriate rules, means and measures to minimize them.
3. All the organization’s personnel must assume responsibility for maintaining the security of the assets in their charge, observing the security regulations that are implemented by the management team.

Goals

1. Achieve and maintain the level of security required to adequately guarantee business continuity, even in adverse situations.
2. Increase the integration and mutual support of the physical and logical aspects of security.
3. Collaborate in the management of the other safety disciplines, including labor and environmental aspects, attending to the criteria that promote Corporate Social Responsibility.
4. Establish the corporate security structure defined by the decision-making bodies of the organization and create the appropriate communication channels between all those involved.
5. Comply with the official regulations on security and other requirements.
6. Establish and implement Training and Safety Disclosure Plans to improve staff training
7. Express commitment to continuous improvement.
8. Integrate the different departments of the company into a security management system that, under common criteria, takes advantage of synergies and achieves consistency in resources and actions.
9. All NYMIZ personnel will know and apply the regulations that develop this Security Policy.

Last revision date: 11/01/2023