Foreworth Security Policy

At Foreworth, we make it a priority to inform all our clients and suppliers of our Information Security Guidelines. These guidelines reflect FOREWORTH's commitment to protecting and guaranteeing the confidentiality, integrity, availability, authenticity, and traceability of all information handled by the organization.

We work under an Information Security Management System, which not only covers the use of assets but also extends to all persons and third parties who are aware of and comply with these Guidelines, which have been structured in accordance with the ISO/IEC 27001 standard:2013. Both our Policy and the Information Security Guidelines are in line with the General Data Protection Regulation (GDPR).

Our security regulation covers the following areas and activities of the Organization:

Access to facilities

• Access to the corporate network

  All corporate resources are protected with the necessary technical security means to ensure the protection of information, either from access within facilities themselves or externally. The access and use of information are further regulated by rules focused on protection with special attention to sensitive or confidential information.

• Use of assets
  

  All personnel at FOREWORTH are required to make rational use of and ensure the care of equipment provided by the Organization for the performance of their duties and tasks. To support this, clear rules of use are set out for all personnel and security configurations are applied aimed at the protection of the information contained on each of these devices. 

• Internet use

  Special attention is paid to regulating the use of the Internet, email, and cloud storage for professional uses. This is done in order to minimize any risks that may occur with the unregulated or improper use of these tools. 

• Incident management
  

  The inclusion of FOREWORTH personnel in all security measures helps to detect possible problems that could jeopardize the confidentiality, integrity and availability of the services or assets they support as a part of their regular job functions. 

• Business continuity
  

  Each of the measures implemented for the availability and continuity of the business and its operations is in line with the requirements of the certified ISO schemes as set out by the organization.

• Intellectual property
  

  All intellectual properties are protected with the commitment of FOREWORTH personnel in accordance with the organization's confidentiality regulations.

Any violation of the Security Policies and/or Guidelines will be subject to sanctions in accordance with the mechanisms enabled in current legislation. Furthermore, both the Security Policy and Information Security Guidelines are periodically reviewed to align them with the needs of the organization. The Cybersecurity Committee is keenly aware of the importance of these Policies and actively participates in their review.

Our main responsibility is to offer our clients innovative solutions and services with high-quality standards. As a sign of guarantee and trust for our clients, Foreworth periodically undergoes independent audits to certify its management and production systems are in accordance with the prevailing international security standards, including:

• ISO 27001: Certification of Information Security Management Systems (ISMS)