Integrated Corporate Policy QMS/ISMS

Quality Management System/Information Security Management System

Redtrust’s leadership team drives the implementation, maintenance and continuous improvement of its Management System based on the requirements of the reference standards UNE-EN ISO 9001 (Quality Management Systems) and UNE-ISO/IEC 27001 (Information Security Management Systems).

The following are the bases that will serve as the organization’s pillars to achieve and guarantee the effectiveness of the Management System:

  • To ensure the satisfaction of the requirements and expectations of our clients through a global and multidisciplinary understanding of their needs.
  • To ensure that all services provided are managed to guarantee compliance with deadlines, expected response, high quality and client benefit, thus achieving the simultaneous improvement of the company’s competitiveness.
  • Ensure that the requirements agreed with clients, as well as all applicable legal requirements, are met and maintained.
  • High commitment to the client in order to guarantee an uninterrupted service, with a quick and adequate management of Quality and Information Security incidents.
  • Excellence in customer service.
  • Leadership and staff participation, motivating and promoting Redtrust’s human capital with a good working environment, training and involvement with the company’s objectives.
  • Awareness and active participation to establish and meet the objectives and goals related to Quality Management and Information Security.
  • Special emphasis on training and awareness derived from the Management Systems implemented in the organization.
  • To provide added value to the client through the use of information technologies within the continuous process of innovation in the creation of solutions.
  • Manage the provision of services performed by Redtrust to clients effectively and efficiently, within a life cycle that allows continuous improvement of the processes implemented.
  • Ensure the confidentiality, integrity and availability of information.
  • To have Business Continuity mechanisms in place, always taking into account Information Security in the face of disruptive events.

In this way, the Corporate Integrated Management Policy QMS/IMMS constitutes the reference framework for the establishment and revision of Redtrust’s Quality and Information Security objectives and goals, so as to ensure continuous improvement in performance and the approval of programs and plans to achieve it.

As a result of the concern for Information Security, Redtrust performs a risk analysis that will be constantly updated in order to maintain control over possible new risk situations and the establishment of the corresponding plan for the treatment of unaccepted risks. Based on the results obtained in the planning phase, security controls are implemented, in addition to operating the procedures of the management system to the requirements of the process.

Likewise, Redtrust’s leadership team ensures the momentum of the system, data analysis and decision making by ensuring the availability of resources and intercommunication between all departments of the company’s organization chart. Likewise, it proactively and positively influences the behavior of its stakeholders and its main suppliers and contractors, promoting the adoption of responsible behavior with regard to information security.

Improvements are evaluated, and once their feasibility has been studied, they are implemented, operated and maintained. The entire Management System is based on a continuous improvement cycle that includes the planning of its activities, its implementation and operation, review and subsequent improvement.

Improvements to this policy and the underlying management systems are established during the review and improvement phases based on input from internal and external personnel.

This policy is communicated to all Redtrust employees and is available to our stakeholders. All Redtrust employees are required to comply with the standards and procedures derived from this policy.