ITS logo
Let's talk

Quality and Information Security Policy

Grupo ITS, a leading company in its field dedicated to delivering comprehensive information technology solutions, with a primary focus on the SaaS (Software as a Service) model and especially on CCaaS (Contact Center as a Service) and UCaaS (Unified Communications as a Service) technologies, has decided to implement a Quality and Information Security Management System based on ISO 9001 and ISO 27001 standards to improve the products and services it provides to its clients. Grupo ITS management views the Quality and Information Security Management System as a way to organize company operations based on core pillars such as the quality of its products and services, customer satisfaction, and information security. Its objective is to provide quality service, preserve the confidentiality, integrity, and availability of information, protect it from a broad range of threats, ensure business continuity, minimize damage, maximize return on investments and business opportunities, and drive continuous improvement.

For this purpose, the Grupo ITS Quality and Information Security Management System is based on:

  • Quality, information security, and continuous improvement are the responsibility of every member of the company, starting from leadership.
  • Quality and information security are achieved by planning, executing, reviewing, and improving the Management System while always considering the organization's internal and external context.
  • Objectives and goals are established and reviewed regularly in alignment with the commitments stated in this policy, with active support from both management and collaborators.
  • Quality is oriented toward the satisfaction of our clients and interested parties through compliance with their needs, applicable legal requirements, and service-specific obligations.
  • Continuous improvement is a priority in both productive processes and the effectiveness of the Quality and Security Management System, where error prevention is fundamental.
  • The organization is committed to approving and periodically reevaluating suppliers using certification, accreditation, trial-period, strategic, exclusivity, and historical criteria.
  • Organizational risks are identified to establish a preventive approach.
  • Special attention is given to technological evolution and the improvements that new technologies can provide.
  • Participation and collaboration from everyone are essential, which is why this policy is shared with all company personnel for awareness and understanding.
  • Personal data protection and individual privacy are safeguarded.
  • The organization's records are protected.
  • Intellectual property rights are protected.
  • Security responsibilities are clearly assigned.
  • Training and education in quality and information security are maintained.
  • Security incidents are recorded and tracked.
  • Business continuity management is maintained.
  • Changes that may occur within the company, both in quality matters and security-related matters, are managed appropriately.

Through the development and implementation of this Quality and Information Security Management System, Grupo ITS management assumes the following commitments:

  • Develop products and services in compliance with legislative requirements, identifying the laws applicable to the business lines covered by the Quality and Information Security Management System.
  • Establish and comply with contractual requirements agreed with interested parties.
  • Define quality and security training requirements and provide the necessary training through structured training plans.
  • Prevent and detect viruses and other malicious software by developing specific policies and maintaining agreements with specialized organizations.
  • Manage business continuity through continuity plans aligned with internationally recognized methodologies.
  • Define the consequences of violations of the security policy, reflecting them in contracts signed with interested parties, suppliers, and subcontractors.
  • Act at all times under the strictest professional ethics.

This Policy provides the reference framework for the continuous improvement of the Quality and Information Security Management System, as well as for establishing and reviewing Management System objectives. It is communicated to the entire organization through the company's document manager, published on information boards, and posted on the organization's website. It is reviewed annually for suitability and additionally whenever special situations or substantial changes arise in the Quality and Information Security Management System, and it is available to the general public. Mexico City, September 28, 2023.