Security

PIB Group Iberia Correduría de Seguros y Reaseguros, S.A.U, hereinafter PIB GROUP IBERIA, has made the decision to manage information systems using international best practices, according to the ISO 27001:2013 standard. Given the importance of information systems, PIB GROUP IBERIA establishes through its management the following fundamental principles of information security:

1. Regulatory compliance: all information systems comply with the applicable legal, regulatory and industry standards that affect information security, especially those related to personal data protection, systems security, data, communications and electronic services.
2. Risk management: risks are minimized to acceptable levels and a balance is sought between security controls and the nature of the information. Security objectives are established, reviewed and consistent with information security aspects.
3. Training and awareness-raising: training, awareness-raising programs and awareness campaigns are organized for all users with access to information on information security.
4. Availability, integrity and confidentiality:
5. The availability of information is guaranteed, ensuring the continuity of the business supported by the information services through contingency plans.
6. The integrity of the information with which we work is ensured, so that it is concise and precise, with emphasis on the accuracy of both its content and the processes involved.
7. The confidentiality of the information is guaranteed, so that only authorized persons have access to it.
8. Proportionality: the implementation of controls that mitigate the security risks of the assets is done by seeking a balance between the security measures, the nature of the information and the risk.
9. Responsibility: all PIB GROUP IBERIA members are responsible for their conduct regarding information security, complying with the established rules and controls.
10. Continuous improvement: the degree of effectiveness of the security controls implemented in the organization is reviewed on a recurring basis to increase its capacity to adapt to the constant evolution of risk and the technological environment.

Consistent with the responsibility assumed and convinced that safety management is essential for the future and excellence of the company, the management of PIB GROUP IBERIA is committed to provide the necessary resources to comply with this Policy.

In accordance with this Policy, Safety Objectives are established at all levels, monitoring the degree of compliance, so that we can measure our improvement.

PIB GROUP IBERIA’s Management periodically reviews the Information Security Management System (ISMS), with the commitment to ensure its correct and effective development, continuous improvement and its adaptation to new applicable legal requirements.

Barcelona, December 20, 2020

Management