SAEM company logo

Information Security

General Information Security Policy

SAEM COLOMBIA SAS, in compliance with the provisions of the ISO/IEC 27001:2022 standard, is committed to implementing, maintain, and continuously improve its Information Security Management System (ISMS), ensuring the confidentiality, integrity, and availability of the critical information assets that support the provision of technological services in telecommunications, software, automation, artificial intelligence, and technological infrastructure

This policy applies to employees, customers, third parties, suppliers, interns, and apprentices, who must comply with the ISMS guidelines. All decisions and actions regarding security will be guided by security management, the mitigation of risk materialization, the protection of information assets, the strengthening of the corporate information security culture, and compliance with legal, regulatory, and contractual requirements, ensuring the implementation of applicable controls within the scope of operations.

Top Management is committed to providing the necessary resources and support to ensure the effective operation of the ISMS in accordance with ISO/IEC 27001:2022 and to promoting the continuous improvement of security controls.

This policy will be reviewed at least once a year, or earlier if there are relevant changes in the environment or in the Organization, to ensure its validity and effectiveness.

Complementary Policies

To support the overall strategy, we have specific policies that will guide our day-to-day actions:

Use of Resources and Workstation

  • Acceptable Use of Assets (SSG-PO-005)
  • Mobile Devices (SSG-PO-004)
  • Clean Desk and Screen (SSG-PO-008)

Technical and Operational Security

  • Access Control for Systems, Networks, and Applications (SSG-PO-002)
  • Technical Vulnerability Management (SSG-PO-006)
  • Secure Configuration Management (SSG-PO-007)
  • Backups (SSG-PO-009)

Data and Privacy Management

  • Personal Data Processing (SSG-PO-011)
  • Information Transfer (SSG-PO-012)
  • Intellectual Property Rights (SSG-PO-015)

Relationships and Continuity

  • Information Security for Suppliers (SSG-PO-010)
  • Security During Disruption/Continuity (SSG-PO-013)
  • Security in Project Management (SSG-PO-014)
  • Threat Intelligence (SSG-PO-016)

Governance

  • Roles, Functions, and Responsibilities (SSG-PO-017)

Please click on the following link and accept our policies:

Statement of Commitment and Acceptance: Information Security Policy Framework (SAEM): Fill out the form